//===----------------------------------------------------------------------===//
//
// This source file is part of the Soto for AWS open source project
//
// Copyright (c) 2017-2022 the Soto project authors
// Licensed under Apache License v2.0
//
// See LICENSE.txt for license information
// See CONTRIBUTORS.txt for the list of Soto project authors
//
// SPDX-License-Identifier: Apache-2.0
//
//===----------------------------------------------------------------------===//

// THIS FILE IS AUTOMATICALLY GENERATED by https://github.com/soto-project/soto-codegenerator.
// DO NOT EDIT.

import Foundation
import SotoCore

extension Transfer {
    // MARK: Enums

    public enum AgreementStatusType: String, CustomStringConvertible, Codable, _SotoSendable {
        case active = "ACTIVE"
        case inactive = "INACTIVE"
        public var description: String { return self.rawValue }
    }

    public enum As2Transport: String, CustomStringConvertible, Codable, _SotoSendable {
        case http = "HTTP"
        public var description: String { return self.rawValue }
    }

    public enum CertificateStatusType: String, CustomStringConvertible, Codable, _SotoSendable {
        case active = "ACTIVE"
        case inactive = "INACTIVE"
        case pendingRotation = "PENDING_ROTATION"
        public var description: String { return self.rawValue }
    }

    public enum CertificateType: String, CustomStringConvertible, Codable, _SotoSendable {
        case certificate = "CERTIFICATE"
        case certificateWithPrivateKey = "CERTIFICATE_WITH_PRIVATE_KEY"
        public var description: String { return self.rawValue }
    }

    public enum CertificateUsageType: String, CustomStringConvertible, Codable, _SotoSendable {
        case encryption = "ENCRYPTION"
        case signing = "SIGNING"
        public var description: String { return self.rawValue }
    }

    public enum CompressionEnum: String, CustomStringConvertible, Codable, _SotoSendable {
        case disabled = "DISABLED"
        case zlib = "ZLIB"
        public var description: String { return self.rawValue }
    }

    public enum CustomStepStatus: String, CustomStringConvertible, Codable, _SotoSendable {
        case failure = "FAILURE"
        case success = "SUCCESS"
        public var description: String { return self.rawValue }
    }

    public enum Domain: String, CustomStringConvertible, Codable, _SotoSendable {
        case efs = "EFS"
        case s3 = "S3"
        public var description: String { return self.rawValue }
    }

    public enum EncryptionAlg: String, CustomStringConvertible, Codable, _SotoSendable {
        case aes128Cbc = "AES128_CBC"
        case aes192Cbc = "AES192_CBC"
        case aes256Cbc = "AES256_CBC"
        case none = "NONE"
        public var description: String { return self.rawValue }
    }

    public enum EncryptionType: String, CustomStringConvertible, Codable, _SotoSendable {
        case pgp = "PGP"
        public var description: String { return self.rawValue }
    }

    public enum EndpointType: String, CustomStringConvertible, Codable, _SotoSendable {
        case `public` = "PUBLIC"
        case vpc = "VPC"
        case vpcEndpoint = "VPC_ENDPOINT"
        public var description: String { return self.rawValue }
    }

    public enum ExecutionErrorType: String, CustomStringConvertible, Codable, _SotoSendable {
        case alreadyExists = "ALREADY_EXISTS"
        case badRequest = "BAD_REQUEST"
        case customStepFailed = "CUSTOM_STEP_FAILED"
        case internalServerError = "INTERNAL_SERVER_ERROR"
        case notFound = "NOT_FOUND"
        case permissionDenied = "PERMISSION_DENIED"
        case throttled = "THROTTLED"
        case timeout = "TIMEOUT"
        public var description: String { return self.rawValue }
    }

    public enum ExecutionStatus: String, CustomStringConvertible, Codable, _SotoSendable {
        case completed = "COMPLETED"
        case exception = "EXCEPTION"
        case handlingException = "HANDLING_EXCEPTION"
        case inProgress = "IN_PROGRESS"
        public var description: String { return self.rawValue }
    }

    public enum HomeDirectoryType: String, CustomStringConvertible, Codable, _SotoSendable {
        case logical = "LOGICAL"
        case path = "PATH"
        public var description: String { return self.rawValue }
    }

    public enum IdentityProviderType: String, CustomStringConvertible, Codable, _SotoSendable {
        case apiGateway = "API_GATEWAY"
        case awsDirectoryService = "AWS_DIRECTORY_SERVICE"
        case awsLambda = "AWS_LAMBDA"
        case serviceManaged = "SERVICE_MANAGED"
        public var description: String { return self.rawValue }
    }

    public enum MdnResponse: String, CustomStringConvertible, Codable, _SotoSendable {
        case none = "NONE"
        case sync = "SYNC"
        public var description: String { return self.rawValue }
    }

    public enum MdnSigningAlg: String, CustomStringConvertible, Codable, _SotoSendable {
        case `default` = "DEFAULT"
        case none = "NONE"
        case sha1 = "SHA1"
        case sha256 = "SHA256"
        case sha384 = "SHA384"
        case sha512 = "SHA512"
        public var description: String { return self.rawValue }
    }

    public enum OverwriteExisting: String, CustomStringConvertible, Codable, _SotoSendable {
        case `false` = "FALSE"
        case `true` = "TRUE"
        public var description: String { return self.rawValue }
    }

    public enum ProfileType: String, CustomStringConvertible, Codable, _SotoSendable {
        case local = "LOCAL"
        case partner = "PARTNER"
        public var description: String { return self.rawValue }
    }

    public enum SetStatOption: String, CustomStringConvertible, Codable, _SotoSendable {
        case `default` = "DEFAULT"
        case enableNoOp = "ENABLE_NO_OP"
        public var description: String { return self.rawValue }
    }

    public enum SigningAlg: String, CustomStringConvertible, Codable, _SotoSendable {
        case none = "NONE"
        case sha1 = "SHA1"
        case sha256 = "SHA256"
        case sha384 = "SHA384"
        case sha512 = "SHA512"
        public var description: String { return self.rawValue }
    }

    public enum State: String, CustomStringConvertible, Codable, _SotoSendable {
        case offline = "OFFLINE"
        case online = "ONLINE"
        case startFailed = "START_FAILED"
        case starting = "STARTING"
        case stopFailed = "STOP_FAILED"
        case stopping = "STOPPING"
        public var description: String { return self.rawValue }
    }

    public enum TlsSessionResumptionMode: String, CustomStringConvertible, Codable, _SotoSendable {
        case disabled = "DISABLED"
        case enabled = "ENABLED"
        case enforced = "ENFORCED"
        public var description: String { return self.rawValue }
    }

    public enum WorkflowStepType: String, CustomStringConvertible, Codable, _SotoSendable {
        case copy = "COPY"
        case custom = "CUSTOM"
        case decrypt = "DECRYPT"
        case delete = "DELETE"
        case tag = "TAG"
        public var description: String { return self.rawValue }
    }

    public enum `Protocol`: String, CustomStringConvertible, Codable, _SotoSendable {
        case as2 = "AS2"
        case ftp = "FTP"
        case ftps = "FTPS"
        case sftp = "SFTP"
        public var description: String { return self.rawValue }
    }

    // MARK: Shapes

    public struct As2ConnectorConfig: AWSEncodableShape & AWSDecodableShape {
        /// Specifies whether the AS2 file is compressed.
        public let compression: CompressionEnum?
        /// The algorithm that is used to encrypt the file.
        public let encryptionAlgorithm: EncryptionAlg?
        /// A unique identifier for the AS2 local profile.
        public let localProfileId: String?
        /// Used  for outbound requests (from an Transfer Family server to a partner AS2 server) to determine whether the partner response for transfers is synchronous or asynchronous. Specify either of the following values:    SYNC: The system expects a synchronous MDN response, confirming that the file was transferred successfully (or not).    NONE: Specifies that no MDN response is required.
        public let mdnResponse: MdnResponse?
        /// The signing algorithm for the MDN response.  If set to DEFAULT (or not set at all), the value for SigningAlogorithm is used.
        public let mdnSigningAlgorithm: MdnSigningAlg?
        /// Used as the Subject HTTP header attribute in AS2 messages that are being sent with the connector.
        public let messageSubject: String?
        /// A unique identifier for the partner profile for the connector.
        public let partnerProfileId: String?
        /// The algorithm that is used to sign the AS2 messages sent with the connector.
        public let signingAlgorithm: SigningAlg?

        public init(compression: CompressionEnum? = nil, encryptionAlgorithm: EncryptionAlg? = nil, localProfileId: String? = nil, mdnResponse: MdnResponse? = nil, mdnSigningAlgorithm: MdnSigningAlg? = nil, messageSubject: String? = nil, partnerProfileId: String? = nil, signingAlgorithm: SigningAlg? = nil) {
            self.compression = compression
            self.encryptionAlgorithm = encryptionAlgorithm
            self.localProfileId = localProfileId
            self.mdnResponse = mdnResponse
            self.mdnSigningAlgorithm = mdnSigningAlgorithm
            self.messageSubject = messageSubject
            self.partnerProfileId = partnerProfileId
            self.signingAlgorithm = signingAlgorithm
        }

        public func validate(name: String) throws {
            try self.validate(self.localProfileId, name: "localProfileId", parent: name, max: 19)
            try self.validate(self.localProfileId, name: "localProfileId", parent: name, min: 19)
            try self.validate(self.localProfileId, name: "localProfileId", parent: name, pattern: "^p-([0-9a-f]{17})$")
            try self.validate(self.messageSubject, name: "messageSubject", parent: name, max: 1024)
            try self.validate(self.messageSubject, name: "messageSubject", parent: name, min: 1)
            try self.validate(self.messageSubject, name: "messageSubject", parent: name, pattern: "^[\\p{Print}\\p{Blank}]+$")
            try self.validate(self.partnerProfileId, name: "partnerProfileId", parent: name, max: 19)
            try self.validate(self.partnerProfileId, name: "partnerProfileId", parent: name, min: 19)
            try self.validate(self.partnerProfileId, name: "partnerProfileId", parent: name, pattern: "^p-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case compression = "Compression"
            case encryptionAlgorithm = "EncryptionAlgorithm"
            case localProfileId = "LocalProfileId"
            case mdnResponse = "MdnResponse"
            case mdnSigningAlgorithm = "MdnSigningAlgorithm"
            case messageSubject = "MessageSubject"
            case partnerProfileId = "PartnerProfileId"
            case signingAlgorithm = "SigningAlgorithm"
        }
    }

    public struct CopyStepDetails: AWSEncodableShape & AWSDecodableShape {
        /// Specifies the location for the file being copied. Only applicable for Copy type workflow steps. Use ${Transfer:username} in this field to parametrize the destination prefix by username.
        public let destinationFileLocation: InputFileLocation?
        /// The name of the step, used as an identifier.
        public let name: String?
        /// A flag that indicates whether or not to overwrite an existing file of the same name. The default is FALSE.
        public let overwriteExisting: OverwriteExisting?
        /// Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.   Enter ${previous.file} to use the previous file as the input. In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.   Enter ${original.file} to use the originally-uploaded file location as input for this step.
        public let sourceFileLocation: String?

        public init(destinationFileLocation: InputFileLocation? = nil, name: String? = nil, overwriteExisting: OverwriteExisting? = nil, sourceFileLocation: String? = nil) {
            self.destinationFileLocation = destinationFileLocation
            self.name = name
            self.overwriteExisting = overwriteExisting
            self.sourceFileLocation = sourceFileLocation
        }

        public func validate(name: String) throws {
            try self.destinationFileLocation?.validate(name: "\(name).destinationFileLocation")
            try self.validate(self.name, name: "name", parent: name, max: 30)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[\\w-]*$")
            try self.validate(self.sourceFileLocation, name: "sourceFileLocation", parent: name, max: 256)
            try self.validate(self.sourceFileLocation, name: "sourceFileLocation", parent: name, pattern: "^\\$\\{(\\w+.)+\\w+\\}$")
        }

        private enum CodingKeys: String, CodingKey {
            case destinationFileLocation = "DestinationFileLocation"
            case name = "Name"
            case overwriteExisting = "OverwriteExisting"
            case sourceFileLocation = "SourceFileLocation"
        }
    }

    public struct CreateAccessRequest: AWSEncodableShape {
        /// A unique identifier that is required to identify specific groups within your directory. The users of the group that you associate have access to your Amazon S3 or Amazon EFS resources over the enabled protocols using Transfer Family. If you know the group name, you can view the SID values by running the following command using Windows PowerShell.  Get-ADGroup -Filter {samAccountName -like "YourGroupName*"} -Properties * | Select SamAccountName,ObjectSid  In that command, replace YourGroupName with the name of your Active Directory group. The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. You can also include underscores or any of the following characters: =,.@:/-
        public let externalId: String
        /// The landing directory (folder) for a user when they log in to the server using the client. A HomeDirectory example is /bucket_name/home/mydirectory.
        public let homeDirectory: String?
        /// Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the Entry and Target pair, where Entry shows how the path is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM)  role provides access to paths in Target. This value can be set only when HomeDirectoryType is set to LOGICAL. The following is an Entry and Target pair example.  [ { "Entry": "/directory1", "Target": "/bucket_name/home/mydirectory" } ]  In most cases, you can use this value instead of the session policy to lock down your user to the designated home directory ("chroot"). To do this, you can set Entry to / and set Target to the HomeDirectory parameter value. The following is an Entry and Target pair example for chroot.  [ { "Entry": "/", "Target": "/bucket_name/home/mydirectory" } ]
        public let homeDirectoryMappings: [HomeDirectoryMapEntry]?
        /// The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer  protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for  how you want to make Amazon S3 or Amazon EFS paths visible to your users.
        public let homeDirectoryType: HomeDirectoryType?
        /// A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.  This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies. For session policies, Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the Policy argument. For an example of a session policy, see Example session policy. For more information, see AssumeRole in the Security Token Service API Reference.
        public let policy: String?
        public let posixProfile: PosixProfile?
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3  bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users  when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust  relationship that allows the server to access your resources when servicing your users' transfer requests.
        public let role: String
        /// A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.
        public let serverId: String

        public init(externalId: String, homeDirectory: String? = nil, homeDirectoryMappings: [HomeDirectoryMapEntry]? = nil, homeDirectoryType: HomeDirectoryType? = nil, policy: String? = nil, posixProfile: PosixProfile? = nil, role: String, serverId: String) {
            self.externalId = externalId
            self.homeDirectory = homeDirectory
            self.homeDirectoryMappings = homeDirectoryMappings
            self.homeDirectoryType = homeDirectoryType
            self.policy = policy
            self.posixProfile = posixProfile
            self.role = role
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.externalId, name: "externalId", parent: name, max: 256)
            try self.validate(self.externalId, name: "externalId", parent: name, min: 1)
            try self.validate(self.externalId, name: "externalId", parent: name, pattern: "^S-1-[\\d-]+$")
            try self.validate(self.homeDirectory, name: "homeDirectory", parent: name, max: 1024)
            try self.validate(self.homeDirectory, name: "homeDirectory", parent: name, pattern: "^$|/")
            try self.homeDirectoryMappings?.forEach {
                try $0.validate(name: "\(name).homeDirectoryMappings[]")
            }
            try self.validate(self.homeDirectoryMappings, name: "homeDirectoryMappings", parent: name, max: 50)
            try self.validate(self.homeDirectoryMappings, name: "homeDirectoryMappings", parent: name, min: 1)
            try self.validate(self.policy, name: "policy", parent: name, max: 2048)
            try self.posixProfile?.validate(name: "\(name).posixProfile")
            try self.validate(self.role, name: "role", parent: name, max: 2048)
            try self.validate(self.role, name: "role", parent: name, min: 20)
            try self.validate(self.role, name: "role", parent: name, pattern: "^arn:.*role/")
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case externalId = "ExternalId"
            case homeDirectory = "HomeDirectory"
            case homeDirectoryMappings = "HomeDirectoryMappings"
            case homeDirectoryType = "HomeDirectoryType"
            case policy = "Policy"
            case posixProfile = "PosixProfile"
            case role = "Role"
            case serverId = "ServerId"
        }
    }

    public struct CreateAccessResponse: AWSDecodableShape {
        /// The external identifier of the group whose users have access to your Amazon S3 or Amazon EFS resources over the enabled protocols using Transfer Family.
        public let externalId: String
        /// The identifier of the server that the user is attached to.
        public let serverId: String

        public init(externalId: String, serverId: String) {
            self.externalId = externalId
            self.serverId = serverId
        }

        private enum CodingKeys: String, CodingKey {
            case externalId = "ExternalId"
            case serverId = "ServerId"
        }
    }

    public struct CreateAgreementRequest: AWSEncodableShape {
        /// With AS2, you can send files by calling StartFileTransfer and specifying the file paths in the request parameter, SendFilePaths. We use the file’s parent directory (for example, for --send-file-paths /bucket/dir/file.txt, parent directory is /bucket/dir/) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the AccessRole needs to provide read and write access to the parent directory of the file location used in the StartFileTransfer request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with StartFileTransfer.
        public let accessRole: String
        /// The landing directory (folder) for files transferred by using the AS2 protocol. A BaseDirectory example is DOC-EXAMPLE-BUCKET/home/mydirectory.
        public let baseDirectory: String
        /// A name or short description to identify the agreement.
        public let description: String?
        /// A unique identifier for the AS2 local profile.
        public let localProfileId: String
        /// A unique identifier for the partner profile used in the agreement.
        public let partnerProfileId: String
        /// A system-assigned unique identifier for a server instance. This is the specific server that the agreement uses.
        public let serverId: String
        /// The status of the agreement. The agreement can be either ACTIVE or INACTIVE.
        public let status: AgreementStatusType?
        /// Key-value pairs that can be used to group and search for agreements.
        public let tags: [Tag]?

        public init(accessRole: String, baseDirectory: String, description: String? = nil, localProfileId: String, partnerProfileId: String, serverId: String, status: AgreementStatusType? = nil, tags: [Tag]? = nil) {
            self.accessRole = accessRole
            self.baseDirectory = baseDirectory
            self.description = description
            self.localProfileId = localProfileId
            self.partnerProfileId = partnerProfileId
            self.serverId = serverId
            self.status = status
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.validate(self.accessRole, name: "accessRole", parent: name, max: 2048)
            try self.validate(self.accessRole, name: "accessRole", parent: name, min: 20)
            try self.validate(self.accessRole, name: "accessRole", parent: name, pattern: "^arn:.*role/")
            try self.validate(self.baseDirectory, name: "baseDirectory", parent: name, max: 1024)
            try self.validate(self.baseDirectory, name: "baseDirectory", parent: name, pattern: "^$|/")
            try self.validate(self.description, name: "description", parent: name, max: 200)
            try self.validate(self.description, name: "description", parent: name, min: 1)
            try self.validate(self.description, name: "description", parent: name, pattern: "^[\\p{Graph}]+$")
            try self.validate(self.localProfileId, name: "localProfileId", parent: name, max: 19)
            try self.validate(self.localProfileId, name: "localProfileId", parent: name, min: 19)
            try self.validate(self.localProfileId, name: "localProfileId", parent: name, pattern: "^p-([0-9a-f]{17})$")
            try self.validate(self.partnerProfileId, name: "partnerProfileId", parent: name, max: 19)
            try self.validate(self.partnerProfileId, name: "partnerProfileId", parent: name, min: 19)
            try self.validate(self.partnerProfileId, name: "partnerProfileId", parent: name, pattern: "^p-([0-9a-f]{17})$")
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 50)
            try self.validate(self.tags, name: "tags", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case accessRole = "AccessRole"
            case baseDirectory = "BaseDirectory"
            case description = "Description"
            case localProfileId = "LocalProfileId"
            case partnerProfileId = "PartnerProfileId"
            case serverId = "ServerId"
            case status = "Status"
            case tags = "Tags"
        }
    }

    public struct CreateAgreementResponse: AWSDecodableShape {
        /// The unique identifier for the agreement. Use this ID for deleting, or updating an agreement, as well as in any other API calls that require that you specify the agreement ID.
        public let agreementId: String

        public init(agreementId: String) {
            self.agreementId = agreementId
        }

        private enum CodingKeys: String, CodingKey {
            case agreementId = "AgreementId"
        }
    }

    public struct CreateConnectorRequest: AWSEncodableShape {
        /// With AS2, you can send files by calling StartFileTransfer and specifying the file paths in the request parameter, SendFilePaths. We use the file’s parent directory (for example, for --send-file-paths /bucket/dir/file.txt, parent directory is /bucket/dir/) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the AccessRole needs to provide read and write access to the parent directory of the file location used in the StartFileTransfer request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with StartFileTransfer.
        public let accessRole: String
        /// A structure that contains the parameters for a connector object.
        public let as2Config: As2ConnectorConfig
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a connector to turn on CloudWatch logging for Amazon S3 events. When set, you can view connector activity in your CloudWatch logs.
        public let loggingRole: String?
        /// Key-value pairs that can be used to group and search for connectors. Tags are metadata attached to connectors for any purpose.
        public let tags: [Tag]?
        /// The URL of the partner's AS2 endpoint.
        public let url: String

        public init(accessRole: String, as2Config: As2ConnectorConfig, loggingRole: String? = nil, tags: [Tag]? = nil, url: String) {
            self.accessRole = accessRole
            self.as2Config = as2Config
            self.loggingRole = loggingRole
            self.tags = tags
            self.url = url
        }

        public func validate(name: String) throws {
            try self.validate(self.accessRole, name: "accessRole", parent: name, max: 2048)
            try self.validate(self.accessRole, name: "accessRole", parent: name, min: 20)
            try self.validate(self.accessRole, name: "accessRole", parent: name, pattern: "^arn:.*role/")
            try self.as2Config.validate(name: "\(name).as2Config")
            try self.validate(self.loggingRole, name: "loggingRole", parent: name, max: 2048)
            try self.validate(self.loggingRole, name: "loggingRole", parent: name, min: 20)
            try self.validate(self.loggingRole, name: "loggingRole", parent: name, pattern: "^arn:.*role/")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 50)
            try self.validate(self.tags, name: "tags", parent: name, min: 1)
            try self.validate(self.url, name: "url", parent: name, max: 255)
        }

        private enum CodingKeys: String, CodingKey {
            case accessRole = "AccessRole"
            case as2Config = "As2Config"
            case loggingRole = "LoggingRole"
            case tags = "Tags"
            case url = "Url"
        }
    }

    public struct CreateConnectorResponse: AWSDecodableShape {
        /// The unique identifier for the connector, returned after the API call succeeds.
        public let connectorId: String

        public init(connectorId: String) {
            self.connectorId = connectorId
        }

        private enum CodingKeys: String, CodingKey {
            case connectorId = "ConnectorId"
        }
    }

    public struct CreateProfileRequest: AWSEncodableShape {
        /// The As2Id is the AS2-name, as defined in the  RFC 4130. For inbound transfers, this is the AS2-From header for the AS2 messages sent from the partner. For outbound connectors, this is the AS2-To header for the AS2 messages sent to the partner using the StartFileTransfer API operation. This ID cannot include spaces.
        public let as2Id: String
        /// An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.
        public let certificateIds: [String]?
        /// Determines the type of profile to create:   Specify LOCAL to create a local profile. A local profile represents the AS2-enabled Transfer Family server organization or party.   Specify PARTNER to create a partner profile. A partner profile represents a remote organization, external to Transfer Family.
        public let profileType: ProfileType
        /// Key-value pairs that can be used to group and search for AS2 profiles.
        public let tags: [Tag]?

        public init(as2Id: String, certificateIds: [String]? = nil, profileType: ProfileType, tags: [Tag]? = nil) {
            self.as2Id = as2Id
            self.certificateIds = certificateIds
            self.profileType = profileType
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.validate(self.as2Id, name: "as2Id", parent: name, max: 128)
            try self.validate(self.as2Id, name: "as2Id", parent: name, min: 1)
            try self.validate(self.as2Id, name: "as2Id", parent: name, pattern: "^[\\p{Print}\\s]*$")
            try self.certificateIds?.forEach {
                try validate($0, name: "certificateIds[]", parent: name, max: 22)
                try validate($0, name: "certificateIds[]", parent: name, min: 22)
                try validate($0, name: "certificateIds[]", parent: name, pattern: "^cert-([0-9a-f]{17})$")
            }
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 50)
            try self.validate(self.tags, name: "tags", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case as2Id = "As2Id"
            case certificateIds = "CertificateIds"
            case profileType = "ProfileType"
            case tags = "Tags"
        }
    }

    public struct CreateProfileResponse: AWSDecodableShape {
        /// The unique identifier for the AS2 profile, returned after the API call succeeds.
        public let profileId: String

        public init(profileId: String) {
            self.profileId = profileId
        }

        private enum CodingKeys: String, CodingKey {
            case profileId = "ProfileId"
        }
    }

    public struct CreateServerRequest: AWSEncodableShape {
        /// The Amazon Resource Name (ARN) of the Certificate Manager (ACM) certificate. Required when Protocols is set to FTPS. To request a new public certificate, see Request a public certificate in the Certificate Manager User Guide. To import an existing certificate into ACM, see Importing certificates into ACM in the Certificate Manager User Guide. To request a private certificate to use FTPS through private IP addresses, see Request a private certificate in the Certificate Manager User Guide. Certificates with the following cryptographic algorithms and key sizes are supported:   2048-bit RSA (RSA_2048)   4096-bit RSA (RSA_4096)   Elliptic Prime Curve 256 bit (EC_prime256v1)   Elliptic Prime Curve 384 bit (EC_secp384r1)   Elliptic Prime Curve 521 bit (EC_secp521r1)    The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP address specified and information about the issuer.
        public let certificate: String?
        /// The domain of the storage system that is used for file transfers. There are two domains available: Amazon Simple Storage Service (Amazon S3) and Amazon Elastic File System (Amazon EFS). The default value is S3.  After the server is created, the domain cannot be changed.
        public let domain: Domain?
        /// The virtual private cloud (VPC) endpoint settings that are configured for your server. When you host your endpoint within your VPC, you can make your endpoint accessible only to resources within your VPC, or you can attach Elastic IP addresses and make your endpoint accessible to clients over the internet. Your VPC's default security groups are automatically assigned to your endpoint.
        public let endpointDetails: EndpointDetails?
        /// The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and  resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.  After May 19, 2021, you won't be able to create a server using EndpointType=VPC_ENDPOINT in your Amazon Web Services account if your account hasn't already done so before May 19, 2021. If you have already created servers with EndpointType=VPC_ENDPOINT in your Amazon Web Services account on or before May 19, 2021, you will not be affected. After this date, use EndpointType=VPC. For more information, see https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint. It is recommended that you use VPC as the EndpointType. With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with EndpointType set to VPC_ENDPOINT.
        public let endpointType: EndpointType?
        /// The RSA, ECDSA, or ED25519 private key to use for your SFTP-enabled server. You can add multiple host keys, in case you want to rotate keys, or have a set of active keys that use different algorithms. Use the following command to generate an RSA 2048 bit key with no passphrase:  ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key. Use a minimum value of 2048 for the -b option. You can create a stronger key by using 3072 or 4096. Use the following command to generate an ECDSA 256 bit key with no passphrase:  ssh-keygen -t ecdsa -b 256 -N "" -m PEM -f my-new-server-key. Valid values for the -b option for ECDSA are 256, 384, and 521. Use the following command to generate an ED25519 key with no passphrase:  ssh-keygen -t ed25519 -N "" -f my-new-server-key. For all of these commands, you can replace my-new-server-key with a string of your choice.  If you aren't planning to migrate existing users from an existing SFTP-enabled server to a new server, don't update the host key. Accidentally changing a server's host key can be disruptive.  For more information, see Update host keys for your SFTP-enabled server in the Transfer Family User Guide.
        public let hostKey: String?
        /// Required when IdentityProviderType is set to AWS_DIRECTORY_SERVICE or API_GATEWAY. Accepts an array containing all of the information required to use a directory in AWS_DIRECTORY_SERVICE or invoke a customer-supplied authentication API, including the API Gateway URL. Not required when IdentityProviderType is set to SERVICE_MANAGED.
        public let identityProviderDetails: IdentityProviderDetails?
        /// The mode of authentication for a server. The default value is SERVICE_MANAGED, which allows you to store and access user credentials within the Transfer Family service. Use AWS_DIRECTORY_SERVICE to provide access to Active Directory groups in Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in Amazon Web Services using AD Connector. This option also requires you to provide a Directory ID by using the IdentityProviderDetails parameter. Use the API_GATEWAY value to integrate with an identity provider of your choosing. The API_GATEWAY setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the IdentityProviderDetails parameter. Use the AWS_LAMBDA value to directly use an Lambda function as your identity provider.  If you choose this value, you must specify the ARN for the Lambda function in the Function parameter  or the IdentityProviderDetails data type.
        public let identityProviderType: IdentityProviderType?
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in your CloudWatch logs.
        public let loggingRole: String?
        /// Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.  The SFTP protocol does not support post-authentication display banners.
        public let postAuthenticationLoginBanner: String?
        /// Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:  This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.
        public let preAuthenticationLoginBanner: String?
        /// The protocol settings that are configured for your server.    To indicate passive mode (for FTP and FTPS protocols), use the PassiveIp parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.    To ignore the error that is generated when the client attempts to use the SETSTAT command on a file that you are  uploading to an Amazon S3 bucket, use the SetStatOption parameter. To have the Transfer Family server ignore the  SETSTAT command and upload files without needing to make any changes to your SFTP client, set the value to  ENABLE_NO_OP. If you set the SetStatOption parameter to ENABLE_NO_OP, Transfer Family  generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a SETSTAT  call.   To determine whether your Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the  TlsSessionResumptionMode parameter.    As2Transports indicates the transport method for the AS2 messages. Currently, only HTTP is supported.
        public let protocolDetails: ProtocolDetails?
        /// Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:    SFTP (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH    FTPS (File Transfer Protocol Secure): File transfer with TLS encryption    FTP (File Transfer Protocol): Unencrypted file transfer    AS2 (Applicability Statement 2): used for transporting structured business-to-business data      If you select FTPS, you must choose a certificate stored in Certificate Manager (ACM)  which is used to identify your server when clients connect to it over FTPS.   If Protocol includes either FTP or FTPS, then the EndpointType must be VPC and the IdentityProviderType must be AWS_DIRECTORY_SERVICE or API_GATEWAY.   If Protocol includes FTP, then AddressAllocationIds cannot be associated.   If Protocol is set only to SFTP, the EndpointType can be set to PUBLIC and the IdentityProviderType can be set to SERVICE_MANAGED.   If Protocol includes AS2, then the EndpointType must be VPC, and domain must be Amazon S3.
        public let protocols: [`Protocol`]?
        /// Specifies the name of the security policy that is attached to the server.
        public let securityPolicyName: String?
        /// Key-value pairs that can be used to group and search for servers.
        public let tags: [Tag]?
        /// Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow. In additon to a workflow to execute when a file is uploaded completely, WorkflowDeatails can also contain a workflow ID (and execution role) for a workflow to execute on partial upload. A partial upload occurs when a file is open when the session disconnects.
        public let workflowDetails: WorkflowDetails?

        public init(certificate: String? = nil, domain: Domain? = nil, endpointDetails: EndpointDetails? = nil, endpointType: EndpointType? = nil, hostKey: String? = nil, identityProviderDetails: IdentityProviderDetails? = nil, identityProviderType: IdentityProviderType? = nil, loggingRole: String? = nil, postAuthenticationLoginBanner: String? = nil, preAuthenticationLoginBanner: String? = nil, protocolDetails: ProtocolDetails? = nil, protocols: [`Protocol`]? = nil, securityPolicyName: String? = nil, tags: [Tag]? = nil, workflowDetails: WorkflowDetails? = nil) {
            self.certificate = certificate
            self.domain = domain
            self.endpointDetails = endpointDetails
            self.endpointType = endpointType
            self.hostKey = hostKey
            self.identityProviderDetails = identityProviderDetails
            self.identityProviderType = identityProviderType
            self.loggingRole = loggingRole
            self.postAuthenticationLoginBanner = postAuthenticationLoginBanner
            self.preAuthenticationLoginBanner = preAuthenticationLoginBanner
            self.protocolDetails = protocolDetails
            self.protocols = protocols
            self.securityPolicyName = securityPolicyName
            self.tags = tags
            self.workflowDetails = workflowDetails
        }

        public func validate(name: String) throws {
            try self.validate(self.certificate, name: "certificate", parent: name, max: 1600)
            try self.endpointDetails?.validate(name: "\(name).endpointDetails")
            try self.validate(self.hostKey, name: "hostKey", parent: name, max: 4096)
            try self.identityProviderDetails?.validate(name: "\(name).identityProviderDetails")
            try self.validate(self.loggingRole, name: "loggingRole", parent: name, max: 2048)
            try self.validate(self.loggingRole, name: "loggingRole", parent: name, min: 20)
            try self.validate(self.loggingRole, name: "loggingRole", parent: name, pattern: "^arn:.*role/")
            try self.validate(self.postAuthenticationLoginBanner, name: "postAuthenticationLoginBanner", parent: name, max: 512)
            try self.validate(self.postAuthenticationLoginBanner, name: "postAuthenticationLoginBanner", parent: name, pattern: "^[\\x09-\\x0D\\x20-\\x7E]*$")
            try self.validate(self.preAuthenticationLoginBanner, name: "preAuthenticationLoginBanner", parent: name, max: 512)
            try self.validate(self.preAuthenticationLoginBanner, name: "preAuthenticationLoginBanner", parent: name, pattern: "^[\\x09-\\x0D\\x20-\\x7E]*$")
            try self.protocolDetails?.validate(name: "\(name).protocolDetails")
            try self.validate(self.protocols, name: "protocols", parent: name, max: 4)
            try self.validate(self.protocols, name: "protocols", parent: name, min: 1)
            try self.validate(self.securityPolicyName, name: "securityPolicyName", parent: name, max: 100)
            try self.validate(self.securityPolicyName, name: "securityPolicyName", parent: name, pattern: "^TransferSecurityPolicy-.+$")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 50)
            try self.validate(self.tags, name: "tags", parent: name, min: 1)
            try self.workflowDetails?.validate(name: "\(name).workflowDetails")
        }

        private enum CodingKeys: String, CodingKey {
            case certificate = "Certificate"
            case domain = "Domain"
            case endpointDetails = "EndpointDetails"
            case endpointType = "EndpointType"
            case hostKey = "HostKey"
            case identityProviderDetails = "IdentityProviderDetails"
            case identityProviderType = "IdentityProviderType"
            case loggingRole = "LoggingRole"
            case postAuthenticationLoginBanner = "PostAuthenticationLoginBanner"
            case preAuthenticationLoginBanner = "PreAuthenticationLoginBanner"
            case protocolDetails = "ProtocolDetails"
            case protocols = "Protocols"
            case securityPolicyName = "SecurityPolicyName"
            case tags = "Tags"
            case workflowDetails = "WorkflowDetails"
        }
    }

    public struct CreateServerResponse: AWSDecodableShape {
        /// The service-assigned identifier of the server that is created.
        public let serverId: String

        public init(serverId: String) {
            self.serverId = serverId
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
        }
    }

    public struct CreateUserRequest: AWSEncodableShape {
        /// The landing directory (folder) for a user when they log in to the server using the client. A HomeDirectory example is /bucket_name/home/mydirectory.
        public let homeDirectory: String?
        /// Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the Entry and Target pair, where Entry shows how the path is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM)  role provides access to paths in Target. This value can be set only when HomeDirectoryType is set to LOGICAL. The following is an Entry and Target pair example.  [ { "Entry": "/directory1", "Target": "/bucket_name/home/mydirectory" } ]  In most cases, you can use this value instead of the session policy to lock your user down to the designated home directory ("chroot"). To do this, you can set Entry to / and set Target to the HomeDirectory parameter value. The following is an Entry and Target pair example for chroot.  [ { "Entry": "/", "Target": "/bucket_name/home/mydirectory" } ]
        public let homeDirectoryMappings: [HomeDirectoryMapEntry]?
        /// The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer  protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for  how you want to make Amazon S3 or Amazon EFS paths visible to your users.
        public let homeDirectoryType: HomeDirectoryType?
        /// A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.  This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies. For session policies, Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the Policy argument. For an example of a session policy, see Example session policy. For more information, see AssumeRole in the Amazon Web Services Security Token Service API Reference.
        public let policy: String?
        /// Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon EFS file systems. The POSIX permissions that are set on files and directories in Amazon EFS determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.
        public let posixProfile: PosixProfile?
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3  bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users  when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust  relationship that allows the server to access your resources when servicing your users' transfer requests.
        public let role: String
        /// A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.
        public let serverId: String
        /// The public portion of the Secure Shell (SSH) key used to authenticate the user to the server. Transfer Family accepts RSA, ECDSA, and ED25519 keys.
        public let sshPublicKeyBody: String?
        /// Key-value pairs that can be used to group and search for users. Tags are metadata attached to users for any purpose.
        public let tags: [Tag]?
        /// A unique string that identifies a user and is associated with a ServerId. This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.
        public let userName: String

        public init(homeDirectory: String? = nil, homeDirectoryMappings: [HomeDirectoryMapEntry]? = nil, homeDirectoryType: HomeDirectoryType? = nil, policy: String? = nil, posixProfile: PosixProfile? = nil, role: String, serverId: String, sshPublicKeyBody: String? = nil, tags: [Tag]? = nil, userName: String) {
            self.homeDirectory = homeDirectory
            self.homeDirectoryMappings = homeDirectoryMappings
            self.homeDirectoryType = homeDirectoryType
            self.policy = policy
            self.posixProfile = posixProfile
            self.role = role
            self.serverId = serverId
            self.sshPublicKeyBody = sshPublicKeyBody
            self.tags = tags
            self.userName = userName
        }

        public func validate(name: String) throws {
            try self.validate(self.homeDirectory, name: "homeDirectory", parent: name, max: 1024)
            try self.validate(self.homeDirectory, name: "homeDirectory", parent: name, pattern: "^$|/")
            try self.homeDirectoryMappings?.forEach {
                try $0.validate(name: "\(name).homeDirectoryMappings[]")
            }
            try self.validate(self.homeDirectoryMappings, name: "homeDirectoryMappings", parent: name, max: 50)
            try self.validate(self.homeDirectoryMappings, name: "homeDirectoryMappings", parent: name, min: 1)
            try self.validate(self.policy, name: "policy", parent: name, max: 2048)
            try self.posixProfile?.validate(name: "\(name).posixProfile")
            try self.validate(self.role, name: "role", parent: name, max: 2048)
            try self.validate(self.role, name: "role", parent: name, min: 20)
            try self.validate(self.role, name: "role", parent: name, pattern: "^arn:.*role/")
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
            try self.validate(self.sshPublicKeyBody, name: "sshPublicKeyBody", parent: name, max: 2048)
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 50)
            try self.validate(self.tags, name: "tags", parent: name, min: 1)
            try self.validate(self.userName, name: "userName", parent: name, max: 100)
            try self.validate(self.userName, name: "userName", parent: name, min: 3)
            try self.validate(self.userName, name: "userName", parent: name, pattern: "^[\\w][\\w@.-]{2,99}$")
        }

        private enum CodingKeys: String, CodingKey {
            case homeDirectory = "HomeDirectory"
            case homeDirectoryMappings = "HomeDirectoryMappings"
            case homeDirectoryType = "HomeDirectoryType"
            case policy = "Policy"
            case posixProfile = "PosixProfile"
            case role = "Role"
            case serverId = "ServerId"
            case sshPublicKeyBody = "SshPublicKeyBody"
            case tags = "Tags"
            case userName = "UserName"
        }
    }

    public struct CreateUserResponse: AWSDecodableShape {
        /// The identifier of the server that the user is attached to.
        public let serverId: String
        /// A unique string that identifies a user account associated with a server.
        public let userName: String

        public init(serverId: String, userName: String) {
            self.serverId = serverId
            self.userName = userName
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
            case userName = "UserName"
        }
    }

    public struct CreateWorkflowRequest: AWSEncodableShape {
        /// A textual description for the workflow.
        public let description: String?
        /// Specifies the steps (actions) to take if errors are encountered during execution of the workflow.  For custom steps, the lambda function needs to send FAILURE to the call back API to kick off the exception steps. Additionally, if the lambda does not send SUCCESS before it times out, the exception steps are executed.
        public let onExceptionSteps: [WorkflowStep]?
        /// Specifies the details for the steps that are in the specified workflow.  The TYPE specifies which of the following actions is being taken for this step.     COPY: Copy the file to another location.    CUSTOM: Perform a custom step with an Lambda function target.    DELETE: Delete the file.    TAG: Add a tag to the file.     Currently, copying and tagging are supported only on S3.   For file location, you specify either the S3 bucket and key, or the EFS file system ID and path.
        public let steps: [WorkflowStep]
        /// Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.
        public let tags: [Tag]?

        public init(description: String? = nil, onExceptionSteps: [WorkflowStep]? = nil, steps: [WorkflowStep], tags: [Tag]? = nil) {
            self.description = description
            self.onExceptionSteps = onExceptionSteps
            self.steps = steps
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.validate(self.description, name: "description", parent: name, max: 256)
            try self.validate(self.description, name: "description", parent: name, pattern: "^[\\w- ]*$")
            try self.onExceptionSteps?.forEach {
                try $0.validate(name: "\(name).onExceptionSteps[]")
            }
            try self.validate(self.onExceptionSteps, name: "onExceptionSteps", parent: name, max: 8)
            try self.steps.forEach {
                try $0.validate(name: "\(name).steps[]")
            }
            try self.validate(self.steps, name: "steps", parent: name, max: 8)
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 50)
            try self.validate(self.tags, name: "tags", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case description = "Description"
            case onExceptionSteps = "OnExceptionSteps"
            case steps = "Steps"
            case tags = "Tags"
        }
    }

    public struct CreateWorkflowResponse: AWSDecodableShape {
        /// A unique identifier for the workflow.
        public let workflowId: String

        public init(workflowId: String) {
            self.workflowId = workflowId
        }

        private enum CodingKeys: String, CodingKey {
            case workflowId = "WorkflowId"
        }
    }

    public struct CustomStepDetails: AWSEncodableShape & AWSDecodableShape {
        /// The name of the step, used as an identifier.
        public let name: String?
        /// Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.   Enter ${previous.file} to use the previous file as the input. In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.   Enter ${original.file} to use the originally-uploaded file location as input for this step.
        public let sourceFileLocation: String?
        /// The ARN for the lambda function that is being called.
        public let target: String?
        /// Timeout, in seconds, for the step.
        public let timeoutSeconds: Int?

        public init(name: String? = nil, sourceFileLocation: String? = nil, target: String? = nil, timeoutSeconds: Int? = nil) {
            self.name = name
            self.sourceFileLocation = sourceFileLocation
            self.target = target
            self.timeoutSeconds = timeoutSeconds
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, max: 30)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[\\w-]*$")
            try self.validate(self.sourceFileLocation, name: "sourceFileLocation", parent: name, max: 256)
            try self.validate(self.sourceFileLocation, name: "sourceFileLocation", parent: name, pattern: "^\\$\\{(\\w+.)+\\w+\\}$")
            try self.validate(self.target, name: "target", parent: name, max: 170)
            try self.validate(self.target, name: "target", parent: name, pattern: "^arn:[a-z-]+:lambda:.*$")
            try self.validate(self.timeoutSeconds, name: "timeoutSeconds", parent: name, max: 1800)
            try self.validate(self.timeoutSeconds, name: "timeoutSeconds", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
            case sourceFileLocation = "SourceFileLocation"
            case target = "Target"
            case timeoutSeconds = "TimeoutSeconds"
        }
    }

    public struct DecryptStepDetails: AWSEncodableShape & AWSDecodableShape {
        public let destinationFileLocation: InputFileLocation
        public let name: String?
        public let overwriteExisting: OverwriteExisting?
        public let sourceFileLocation: String?
        public let type: EncryptionType

        public init(destinationFileLocation: InputFileLocation, name: String? = nil, overwriteExisting: OverwriteExisting? = nil, sourceFileLocation: String? = nil, type: EncryptionType) {
            self.destinationFileLocation = destinationFileLocation
            self.name = name
            self.overwriteExisting = overwriteExisting
            self.sourceFileLocation = sourceFileLocation
            self.type = type
        }

        public func validate(name: String) throws {
            try self.destinationFileLocation.validate(name: "\(name).destinationFileLocation")
            try self.validate(self.name, name: "name", parent: name, max: 30)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[\\w-]*$")
            try self.validate(self.sourceFileLocation, name: "sourceFileLocation", parent: name, max: 256)
            try self.validate(self.sourceFileLocation, name: "sourceFileLocation", parent: name, pattern: "^\\$\\{(\\w+.)+\\w+\\}$")
        }

        private enum CodingKeys: String, CodingKey {
            case destinationFileLocation = "DestinationFileLocation"
            case name = "Name"
            case overwriteExisting = "OverwriteExisting"
            case sourceFileLocation = "SourceFileLocation"
            case type = "Type"
        }
    }

    public struct DeleteAccessRequest: AWSEncodableShape {
        /// A unique identifier that is required to identify specific groups within your directory. The users of the group that you associate have access to your Amazon S3 or Amazon EFS resources over the enabled protocols using Transfer Family. If you know the group name, you can view the SID values by running the following command using Windows PowerShell.  Get-ADGroup -Filter {samAccountName -like "YourGroupName*"} -Properties * | Select SamAccountName,ObjectSid  In that command, replace YourGroupName with the name of your Active Directory group. The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. You can also include underscores or any of the following characters: =,.@:/-
        public let externalId: String
        /// A system-assigned unique identifier for a server that has this user assigned.
        public let serverId: String

        public init(externalId: String, serverId: String) {
            self.externalId = externalId
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.externalId, name: "externalId", parent: name, max: 256)
            try self.validate(self.externalId, name: "externalId", parent: name, min: 1)
            try self.validate(self.externalId, name: "externalId", parent: name, pattern: "^S-1-[\\d-]+$")
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case externalId = "ExternalId"
            case serverId = "ServerId"
        }
    }

    public struct DeleteAgreementRequest: AWSEncodableShape {
        /// A unique identifier for the agreement. This identifier is returned when you create an agreement.
        public let agreementId: String
        /// The server identifier associated with the agreement that you are deleting.
        public let serverId: String

        public init(agreementId: String, serverId: String) {
            self.agreementId = agreementId
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.agreementId, name: "agreementId", parent: name, max: 19)
            try self.validate(self.agreementId, name: "agreementId", parent: name, min: 19)
            try self.validate(self.agreementId, name: "agreementId", parent: name, pattern: "^a-([0-9a-f]{17})$")
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case agreementId = "AgreementId"
            case serverId = "ServerId"
        }
    }

    public struct DeleteCertificateRequest: AWSEncodableShape {
        /// The identifier of the certificate object that you are deleting.
        public let certificateId: String

        public init(certificateId: String) {
            self.certificateId = certificateId
        }

        public func validate(name: String) throws {
            try self.validate(self.certificateId, name: "certificateId", parent: name, max: 22)
            try self.validate(self.certificateId, name: "certificateId", parent: name, min: 22)
            try self.validate(self.certificateId, name: "certificateId", parent: name, pattern: "^cert-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case certificateId = "CertificateId"
        }
    }

    public struct DeleteConnectorRequest: AWSEncodableShape {
        /// The unique identifier for the connector.
        public let connectorId: String

        public init(connectorId: String) {
            self.connectorId = connectorId
        }

        public func validate(name: String) throws {
            try self.validate(self.connectorId, name: "connectorId", parent: name, max: 19)
            try self.validate(self.connectorId, name: "connectorId", parent: name, min: 19)
            try self.validate(self.connectorId, name: "connectorId", parent: name, pattern: "^c-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case connectorId = "ConnectorId"
        }
    }

    public struct DeleteHostKeyRequest: AWSEncodableShape {
        /// The identifier of the host key that you are deleting.
        public let hostKeyId: String
        /// The identifier of the server that contains the host key that you are deleting.
        public let serverId: String

        public init(hostKeyId: String, serverId: String) {
            self.hostKeyId = hostKeyId
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.hostKeyId, name: "hostKeyId", parent: name, max: 25)
            try self.validate(self.hostKeyId, name: "hostKeyId", parent: name, min: 25)
            try self.validate(self.hostKeyId, name: "hostKeyId", parent: name, pattern: "^hostkey-[0-9a-f]{17}$")
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case hostKeyId = "HostKeyId"
            case serverId = "ServerId"
        }
    }

    public struct DeleteProfileRequest: AWSEncodableShape {
        /// The identifier of the profile that you are deleting.
        public let profileId: String

        public init(profileId: String) {
            self.profileId = profileId
        }

        public func validate(name: String) throws {
            try self.validate(self.profileId, name: "profileId", parent: name, max: 19)
            try self.validate(self.profileId, name: "profileId", parent: name, min: 19)
            try self.validate(self.profileId, name: "profileId", parent: name, pattern: "^p-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case profileId = "ProfileId"
        }
    }

    public struct DeleteServerRequest: AWSEncodableShape {
        /// A unique system-assigned identifier for a server instance.
        public let serverId: String

        public init(serverId: String) {
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
        }
    }

    public struct DeleteSshPublicKeyRequest: AWSEncodableShape {
        /// A system-assigned unique identifier for a file transfer protocol-enabled server instance that has the user assigned to it.
        public let serverId: String
        /// A unique identifier used to reference your user's specific SSH key.
        public let sshPublicKeyId: String
        /// A unique string that identifies a user whose public key is being deleted.
        public let userName: String

        public init(serverId: String, sshPublicKeyId: String, userName: String) {
            self.serverId = serverId
            self.sshPublicKeyId = sshPublicKeyId
            self.userName = userName
        }

        public func validate(name: String) throws {
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
            try self.validate(self.sshPublicKeyId, name: "sshPublicKeyId", parent: name, max: 21)
            try self.validate(self.sshPublicKeyId, name: "sshPublicKeyId", parent: name, min: 21)
            try self.validate(self.sshPublicKeyId, name: "sshPublicKeyId", parent: name, pattern: "^key-[0-9a-f]{17}$")
            try self.validate(self.userName, name: "userName", parent: name, max: 100)
            try self.validate(self.userName, name: "userName", parent: name, min: 3)
            try self.validate(self.userName, name: "userName", parent: name, pattern: "^[\\w][\\w@.-]{2,99}$")
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
            case sshPublicKeyId = "SshPublicKeyId"
            case userName = "UserName"
        }
    }

    public struct DeleteStepDetails: AWSEncodableShape & AWSDecodableShape {
        /// The name of the step, used as an identifier.
        public let name: String?
        /// Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.   Enter ${previous.file} to use the previous file as the input. In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.   Enter ${original.file} to use the originally-uploaded file location as input for this step.
        public let sourceFileLocation: String?

        public init(name: String? = nil, sourceFileLocation: String? = nil) {
            self.name = name
            self.sourceFileLocation = sourceFileLocation
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, max: 30)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[\\w-]*$")
            try self.validate(self.sourceFileLocation, name: "sourceFileLocation", parent: name, max: 256)
            try self.validate(self.sourceFileLocation, name: "sourceFileLocation", parent: name, pattern: "^\\$\\{(\\w+.)+\\w+\\}$")
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
            case sourceFileLocation = "SourceFileLocation"
        }
    }

    public struct DeleteUserRequest: AWSEncodableShape {
        /// A system-assigned unique identifier for a server instance that has the user assigned to it.
        public let serverId: String
        /// A unique string that identifies a user that is being deleted from a server.
        public let userName: String

        public init(serverId: String, userName: String) {
            self.serverId = serverId
            self.userName = userName
        }

        public func validate(name: String) throws {
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
            try self.validate(self.userName, name: "userName", parent: name, max: 100)
            try self.validate(self.userName, name: "userName", parent: name, min: 3)
            try self.validate(self.userName, name: "userName", parent: name, pattern: "^[\\w][\\w@.-]{2,99}$")
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
            case userName = "UserName"
        }
    }

    public struct DeleteWorkflowRequest: AWSEncodableShape {
        /// A unique identifier for the workflow.
        public let workflowId: String

        public init(workflowId: String) {
            self.workflowId = workflowId
        }

        public func validate(name: String) throws {
            try self.validate(self.workflowId, name: "workflowId", parent: name, max: 19)
            try self.validate(self.workflowId, name: "workflowId", parent: name, min: 19)
            try self.validate(self.workflowId, name: "workflowId", parent: name, pattern: "^w-([a-z0-9]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case workflowId = "WorkflowId"
        }
    }

    public struct DescribeAccessRequest: AWSEncodableShape {
        /// A unique identifier that is required to identify specific groups within your directory. The users of the group that you associate have access to your Amazon S3 or Amazon EFS resources over the enabled protocols using Transfer Family. If you know the group name, you can view the SID values by running the following command using Windows PowerShell.  Get-ADGroup -Filter {samAccountName -like "YourGroupName*"} -Properties * | Select SamAccountName,ObjectSid  In that command, replace YourGroupName with the name of your Active Directory group. The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. You can also include underscores or any of the following characters: =,.@:/-
        public let externalId: String
        /// A system-assigned unique identifier for a server that has this access assigned.
        public let serverId: String

        public init(externalId: String, serverId: String) {
            self.externalId = externalId
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.externalId, name: "externalId", parent: name, max: 256)
            try self.validate(self.externalId, name: "externalId", parent: name, min: 1)
            try self.validate(self.externalId, name: "externalId", parent: name, pattern: "^S-1-[\\d-]+$")
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case externalId = "ExternalId"
            case serverId = "ServerId"
        }
    }

    public struct DescribeAccessResponse: AWSDecodableShape {
        /// The external identifier of the server that the access is attached to.
        public let access: DescribedAccess
        /// A system-assigned unique identifier for a server that has this access assigned.
        public let serverId: String

        public init(access: DescribedAccess, serverId: String) {
            self.access = access
            self.serverId = serverId
        }

        private enum CodingKeys: String, CodingKey {
            case access = "Access"
            case serverId = "ServerId"
        }
    }

    public struct DescribeAgreementRequest: AWSEncodableShape {
        /// A unique identifier for the agreement. This identifier is returned when you create an agreement.
        public let agreementId: String
        /// The server identifier that's associated with the agreement.
        public let serverId: String

        public init(agreementId: String, serverId: String) {
            self.agreementId = agreementId
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.agreementId, name: "agreementId", parent: name, max: 19)
            try self.validate(self.agreementId, name: "agreementId", parent: name, min: 19)
            try self.validate(self.agreementId, name: "agreementId", parent: name, pattern: "^a-([0-9a-f]{17})$")
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case agreementId = "AgreementId"
            case serverId = "ServerId"
        }
    }

    public struct DescribeAgreementResponse: AWSDecodableShape {
        /// The details for the specified agreement, returned as a DescribedAgreement object.
        public let agreement: DescribedAgreement

        public init(agreement: DescribedAgreement) {
            self.agreement = agreement
        }

        private enum CodingKeys: String, CodingKey {
            case agreement = "Agreement"
        }
    }

    public struct DescribeCertificateRequest: AWSEncodableShape {
        /// An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.
        public let certificateId: String

        public init(certificateId: String) {
            self.certificateId = certificateId
        }

        public func validate(name: String) throws {
            try self.validate(self.certificateId, name: "certificateId", parent: name, max: 22)
            try self.validate(self.certificateId, name: "certificateId", parent: name, min: 22)
            try self.validate(self.certificateId, name: "certificateId", parent: name, pattern: "^cert-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case certificateId = "CertificateId"
        }
    }

    public struct DescribeCertificateResponse: AWSDecodableShape {
        /// The details for the specified certificate, returned as an object.
        public let certificate: DescribedCertificate

        public init(certificate: DescribedCertificate) {
            self.certificate = certificate
        }

        private enum CodingKeys: String, CodingKey {
            case certificate = "Certificate"
        }
    }

    public struct DescribeConnectorRequest: AWSEncodableShape {
        /// The unique identifier for the connector.
        public let connectorId: String

        public init(connectorId: String) {
            self.connectorId = connectorId
        }

        public func validate(name: String) throws {
            try self.validate(self.connectorId, name: "connectorId", parent: name, max: 19)
            try self.validate(self.connectorId, name: "connectorId", parent: name, min: 19)
            try self.validate(self.connectorId, name: "connectorId", parent: name, pattern: "^c-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case connectorId = "ConnectorId"
        }
    }

    public struct DescribeConnectorResponse: AWSDecodableShape {
        /// The structure that contains the details of the connector.
        public let connector: DescribedConnector

        public init(connector: DescribedConnector) {
            self.connector = connector
        }

        private enum CodingKeys: String, CodingKey {
            case connector = "Connector"
        }
    }

    public struct DescribeExecutionRequest: AWSEncodableShape {
        /// A unique identifier for the execution of a workflow.
        public let executionId: String
        /// A unique identifier for the workflow.
        public let workflowId: String

        public init(executionId: String, workflowId: String) {
            self.executionId = executionId
            self.workflowId = workflowId
        }

        public func validate(name: String) throws {
            try self.validate(self.executionId, name: "executionId", parent: name, max: 36)
            try self.validate(self.executionId, name: "executionId", parent: name, min: 36)
            try self.validate(self.executionId, name: "executionId", parent: name, pattern: "^[0-9a-fA-F]{8}\\-[0-9a-fA-F]{4}\\-[0-9a-fA-F]{4}\\-[0-9a-fA-F]{4}\\-[0-9a-fA-F]{12}$")
            try self.validate(self.workflowId, name: "workflowId", parent: name, max: 19)
            try self.validate(self.workflowId, name: "workflowId", parent: name, min: 19)
            try self.validate(self.workflowId, name: "workflowId", parent: name, pattern: "^w-([a-z0-9]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case executionId = "ExecutionId"
            case workflowId = "WorkflowId"
        }
    }

    public struct DescribeExecutionResponse: AWSDecodableShape {
        /// The structure that contains the details of the workflow' execution.
        public let execution: DescribedExecution
        /// A unique identifier for the workflow.
        public let workflowId: String

        public init(execution: DescribedExecution, workflowId: String) {
            self.execution = execution
            self.workflowId = workflowId
        }

        private enum CodingKeys: String, CodingKey {
            case execution = "Execution"
            case workflowId = "WorkflowId"
        }
    }

    public struct DescribeHostKeyRequest: AWSEncodableShape {
        /// The identifier of the host key that you want described.
        public let hostKeyId: String
        /// The identifier of the server that contains the host key that you want described.
        public let serverId: String

        public init(hostKeyId: String, serverId: String) {
            self.hostKeyId = hostKeyId
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.hostKeyId, name: "hostKeyId", parent: name, max: 25)
            try self.validate(self.hostKeyId, name: "hostKeyId", parent: name, min: 25)
            try self.validate(self.hostKeyId, name: "hostKeyId", parent: name, pattern: "^hostkey-[0-9a-f]{17}$")
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case hostKeyId = "HostKeyId"
            case serverId = "ServerId"
        }
    }

    public struct DescribeHostKeyResponse: AWSDecodableShape {
        /// Returns the details for the specified host key.
        public let hostKey: DescribedHostKey

        public init(hostKey: DescribedHostKey) {
            self.hostKey = hostKey
        }

        private enum CodingKeys: String, CodingKey {
            case hostKey = "HostKey"
        }
    }

    public struct DescribeProfileRequest: AWSEncodableShape {
        /// The identifier of the profile that you want described.
        public let profileId: String

        public init(profileId: String) {
            self.profileId = profileId
        }

        public func validate(name: String) throws {
            try self.validate(self.profileId, name: "profileId", parent: name, max: 19)
            try self.validate(self.profileId, name: "profileId", parent: name, min: 19)
            try self.validate(self.profileId, name: "profileId", parent: name, pattern: "^p-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case profileId = "ProfileId"
        }
    }

    public struct DescribeProfileResponse: AWSDecodableShape {
        /// The details of the specified profile, returned as an object.
        public let profile: DescribedProfile

        public init(profile: DescribedProfile) {
            self.profile = profile
        }

        private enum CodingKeys: String, CodingKey {
            case profile = "Profile"
        }
    }

    public struct DescribeSecurityPolicyRequest: AWSEncodableShape {
        /// Specifies the name of the security policy that is attached to the server.
        public let securityPolicyName: String

        public init(securityPolicyName: String) {
            self.securityPolicyName = securityPolicyName
        }

        public func validate(name: String) throws {
            try self.validate(self.securityPolicyName, name: "securityPolicyName", parent: name, max: 100)
            try self.validate(self.securityPolicyName, name: "securityPolicyName", parent: name, pattern: "^TransferSecurityPolicy-.+$")
        }

        private enum CodingKeys: String, CodingKey {
            case securityPolicyName = "SecurityPolicyName"
        }
    }

    public struct DescribeSecurityPolicyResponse: AWSDecodableShape {
        /// An array containing the properties of the security policy.
        public let securityPolicy: DescribedSecurityPolicy

        public init(securityPolicy: DescribedSecurityPolicy) {
            self.securityPolicy = securityPolicy
        }

        private enum CodingKeys: String, CodingKey {
            case securityPolicy = "SecurityPolicy"
        }
    }

    public struct DescribeServerRequest: AWSEncodableShape {
        /// A system-assigned unique identifier for a server.
        public let serverId: String

        public init(serverId: String) {
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
        }
    }

    public struct DescribeServerResponse: AWSDecodableShape {
        /// An array containing the properties of a server with the ServerID you specified.
        public let server: DescribedServer

        public init(server: DescribedServer) {
            self.server = server
        }

        private enum CodingKeys: String, CodingKey {
            case server = "Server"
        }
    }

    public struct DescribeUserRequest: AWSEncodableShape {
        /// A system-assigned unique identifier for a server that has this user assigned.
        public let serverId: String
        /// The name of the user assigned to one or more servers. User names are part of the sign-in credentials to use the Transfer Family service and perform file transfer tasks.
        public let userName: String

        public init(serverId: String, userName: String) {
            self.serverId = serverId
            self.userName = userName
        }

        public func validate(name: String) throws {
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
            try self.validate(self.userName, name: "userName", parent: name, max: 100)
            try self.validate(self.userName, name: "userName", parent: name, min: 3)
            try self.validate(self.userName, name: "userName", parent: name, pattern: "^[\\w][\\w@.-]{2,99}$")
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
            case userName = "UserName"
        }
    }

    public struct DescribeUserResponse: AWSDecodableShape {
        /// A system-assigned unique identifier for a server that has this user assigned.
        public let serverId: String
        /// An array containing the properties of the user account for the ServerID value that you specified.
        public let user: DescribedUser

        public init(serverId: String, user: DescribedUser) {
            self.serverId = serverId
            self.user = user
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
            case user = "User"
        }
    }

    public struct DescribeWorkflowRequest: AWSEncodableShape {
        /// A unique identifier for the workflow.
        public let workflowId: String

        public init(workflowId: String) {
            self.workflowId = workflowId
        }

        public func validate(name: String) throws {
            try self.validate(self.workflowId, name: "workflowId", parent: name, max: 19)
            try self.validate(self.workflowId, name: "workflowId", parent: name, min: 19)
            try self.validate(self.workflowId, name: "workflowId", parent: name, pattern: "^w-([a-z0-9]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case workflowId = "WorkflowId"
        }
    }

    public struct DescribeWorkflowResponse: AWSDecodableShape {
        /// The structure that contains the details of the workflow.
        public let workflow: DescribedWorkflow

        public init(workflow: DescribedWorkflow) {
            self.workflow = workflow
        }

        private enum CodingKeys: String, CodingKey {
            case workflow = "Workflow"
        }
    }

    public struct DescribedAccess: AWSDecodableShape {
        /// A unique identifier that is required to identify specific groups within your directory. The users of the group that you associate have access to your Amazon S3 or Amazon EFS resources over the enabled protocols using Transfer Family. If you know the group name, you can view the SID values by running the following command using Windows PowerShell.  Get-ADGroup -Filter {samAccountName -like "YourGroupName*"} -Properties * | Select SamAccountName,ObjectSid  In that command, replace YourGroupName with the name of your Active Directory group. The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. You can also include underscores or any of the following characters: =,.@:/-
        public let externalId: String?
        /// The landing directory (folder) for a user when they log in to the server using the client. A HomeDirectory example is /bucket_name/home/mydirectory.
        public let homeDirectory: String?
        /// Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the Entry and Target pair, where Entry shows how the path is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM)  role provides access to paths in Target. This value can be set only when HomeDirectoryType is set to LOGICAL. In most cases, you can use this value instead of the session policy to lock down the associated access to the designated home directory ("chroot"). To do this, you can set Entry to '/' and set Target to the HomeDirectory parameter value.
        public let homeDirectoryMappings: [HomeDirectoryMapEntry]?
        /// The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer  protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for  how you want to make Amazon S3 or Amazon EFS paths visible to your users.
        public let homeDirectoryType: HomeDirectoryType?
        /// A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.
        public let policy: String?
        public let posixProfile: PosixProfile?
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3  bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users  when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust  relationship that allows the server to access your resources when servicing your users' transfer requests.
        public let role: String?

        public init(externalId: String? = nil, homeDirectory: String? = nil, homeDirectoryMappings: [HomeDirectoryMapEntry]? = nil, homeDirectoryType: HomeDirectoryType? = nil, policy: String? = nil, posixProfile: PosixProfile? = nil, role: String? = nil) {
            self.externalId = externalId
            self.homeDirectory = homeDirectory
            self.homeDirectoryMappings = homeDirectoryMappings
            self.homeDirectoryType = homeDirectoryType
            self.policy = policy
            self.posixProfile = posixProfile
            self.role = role
        }

        private enum CodingKeys: String, CodingKey {
            case externalId = "ExternalId"
            case homeDirectory = "HomeDirectory"
            case homeDirectoryMappings = "HomeDirectoryMappings"
            case homeDirectoryType = "HomeDirectoryType"
            case policy = "Policy"
            case posixProfile = "PosixProfile"
            case role = "Role"
        }
    }

    public struct DescribedAgreement: AWSDecodableShape {
        /// With AS2, you can send files by calling StartFileTransfer and specifying the file paths in the request parameter, SendFilePaths. We use the file’s parent directory (for example, for --send-file-paths /bucket/dir/file.txt, parent directory is /bucket/dir/) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the AccessRole needs to provide read and write access to the parent directory of the file location used in the StartFileTransfer request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with StartFileTransfer.
        public let accessRole: String?
        /// A unique identifier for the agreement. This identifier is returned when you create an agreement.
        public let agreementId: String?
        /// The unique Amazon Resource Name (ARN) for the agreement.
        public let arn: String
        /// The landing directory (folder) for files that are transferred by using the AS2 protocol.
        public let baseDirectory: String?
        /// The name or short description that's used to identify the agreement.
        public let description: String?
        /// A unique identifier for the AS2 local profile.
        public let localProfileId: String?
        /// A unique identifier for the partner profile used in the agreement.
        public let partnerProfileId: String?
        /// A system-assigned unique identifier for a server instance. This identifier indicates the specific server that the agreement uses.
        public let serverId: String?
        /// The current status of the agreement, either ACTIVE or INACTIVE.
        public let status: AgreementStatusType?
        /// Key-value pairs that can be used to group and search for agreements.
        public let tags: [Tag]?

        public init(accessRole: String? = nil, agreementId: String? = nil, arn: String, baseDirectory: String? = nil, description: String? = nil, localProfileId: String? = nil, partnerProfileId: String? = nil, serverId: String? = nil, status: AgreementStatusType? = nil, tags: [Tag]? = nil) {
            self.accessRole = accessRole
            self.agreementId = agreementId
            self.arn = arn
            self.baseDirectory = baseDirectory
            self.description = description
            self.localProfileId = localProfileId
            self.partnerProfileId = partnerProfileId
            self.serverId = serverId
            self.status = status
            self.tags = tags
        }

        private enum CodingKeys: String, CodingKey {
            case accessRole = "AccessRole"
            case agreementId = "AgreementId"
            case arn = "Arn"
            case baseDirectory = "BaseDirectory"
            case description = "Description"
            case localProfileId = "LocalProfileId"
            case partnerProfileId = "PartnerProfileId"
            case serverId = "ServerId"
            case status = "Status"
            case tags = "Tags"
        }
    }

    public struct DescribedCertificate: AWSDecodableShape {
        /// An optional date that specifies when the certificate becomes active.
        public let activeDate: Date?
        /// The unique Amazon Resource Name (ARN) for the certificate.
        public let arn: String
        /// The file name for the certificate.
        public let certificate: String?
        /// The list of certificates that make up the chain for the certificate.
        public let certificateChain: String?
        /// An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.
        public let certificateId: String?
        /// The name or description that's used to identity the certificate.
        public let description: String?
        /// An optional date that specifies when the certificate becomes inactive.
        public let inactiveDate: Date?
        /// The final date that the certificate is valid.
        public let notAfterDate: Date?
        /// The earliest date that the certificate is valid.
        public let notBeforeDate: Date?
        /// The serial number for the certificate.
        public let serial: String?
        /// The certificate can be either ACTIVE, PENDING_ROTATION, or INACTIVE. PENDING_ROTATION means that this certificate will replace the current certificate when it expires.
        public let status: CertificateStatusType?
        /// Key-value pairs that can be used to group and search for certificates.
        public let tags: [Tag]?
        /// If a private key has been specified for the certificate, its type is CERTIFICATE_WITH_PRIVATE_KEY. If there is no private key, the type is CERTIFICATE.
        public let type: CertificateType?
        /// Specifies whether this certificate is used for signing or encryption.
        public let usage: CertificateUsageType?

        public init(activeDate: Date? = nil, arn: String, certificate: String? = nil, certificateChain: String? = nil, certificateId: String? = nil, description: String? = nil, inactiveDate: Date? = nil, notAfterDate: Date? = nil, notBeforeDate: Date? = nil, serial: String? = nil, status: CertificateStatusType? = nil, tags: [Tag]? = nil, type: CertificateType? = nil, usage: CertificateUsageType? = nil) {
            self.activeDate = activeDate
            self.arn = arn
            self.certificate = certificate
            self.certificateChain = certificateChain
            self.certificateId = certificateId
            self.description = description
            self.inactiveDate = inactiveDate
            self.notAfterDate = notAfterDate
            self.notBeforeDate = notBeforeDate
            self.serial = serial
            self.status = status
            self.tags = tags
            self.type = type
            self.usage = usage
        }

        private enum CodingKeys: String, CodingKey {
            case activeDate = "ActiveDate"
            case arn = "Arn"
            case certificate = "Certificate"
            case certificateChain = "CertificateChain"
            case certificateId = "CertificateId"
            case description = "Description"
            case inactiveDate = "InactiveDate"
            case notAfterDate = "NotAfterDate"
            case notBeforeDate = "NotBeforeDate"
            case serial = "Serial"
            case status = "Status"
            case tags = "Tags"
            case type = "Type"
            case usage = "Usage"
        }
    }

    public struct DescribedConnector: AWSDecodableShape {
        /// With AS2, you can send files by calling StartFileTransfer and specifying the file paths in the request parameter, SendFilePaths. We use the file’s parent directory (for example, for --send-file-paths /bucket/dir/file.txt, parent directory is /bucket/dir/) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the AccessRole needs to provide read and write access to the parent directory of the file location used in the StartFileTransfer request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with StartFileTransfer.
        public let accessRole: String?
        /// The unique Amazon Resource Name (ARN) for the connector.
        public let arn: String
        /// A structure that contains the parameters for a connector object.
        public let as2Config: As2ConnectorConfig?
        /// The unique identifier for the connector.
        public let connectorId: String?
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a connector to turn on CloudWatch logging for Amazon S3 events. When set, you can view connector activity in your CloudWatch logs.
        public let loggingRole: String?
        /// Key-value pairs that can be used to group and search for connectors.
        public let tags: [Tag]?
        /// The URL of the partner's AS2 endpoint.
        public let url: String?

        public init(accessRole: String? = nil, arn: String, as2Config: As2ConnectorConfig? = nil, connectorId: String? = nil, loggingRole: String? = nil, tags: [Tag]? = nil, url: String? = nil) {
            self.accessRole = accessRole
            self.arn = arn
            self.as2Config = as2Config
            self.connectorId = connectorId
            self.loggingRole = loggingRole
            self.tags = tags
            self.url = url
        }

        private enum CodingKeys: String, CodingKey {
            case accessRole = "AccessRole"
            case arn = "Arn"
            case as2Config = "As2Config"
            case connectorId = "ConnectorId"
            case loggingRole = "LoggingRole"
            case tags = "Tags"
            case url = "Url"
        }
    }

    public struct DescribedExecution: AWSDecodableShape {
        /// A unique identifier for the execution of a workflow.
        public let executionId: String?
        /// The IAM role associated with the execution.
        public let executionRole: String?
        /// A structure that describes the Amazon S3 or EFS file location. This is the file location when the execution begins: if the file is being copied, this is the initial (as opposed to destination) file location.
        public let initialFileLocation: FileLocation?
        /// The IAM logging role associated with the execution.
        public let loggingConfiguration: LoggingConfiguration?
        public let posixProfile: PosixProfile?
        /// A structure that describes the execution results. This includes a list of the steps along with the details of each step, error type and message (if any), and the OnExceptionSteps structure.
        public let results: ExecutionResults?
        /// A container object for the session details that are associated with a workflow.
        public let serviceMetadata: ServiceMetadata?
        /// The status is one of the execution. Can be in progress, completed, exception encountered, or handling the exception.
        public let status: ExecutionStatus?

        public init(executionId: String? = nil, executionRole: String? = nil, initialFileLocation: FileLocation? = nil, loggingConfiguration: LoggingConfiguration? = nil, posixProfile: PosixProfile? = nil, results: ExecutionResults? = nil, serviceMetadata: ServiceMetadata? = nil, status: ExecutionStatus? = nil) {
            self.executionId = executionId
            self.executionRole = executionRole
            self.initialFileLocation = initialFileLocation
            self.loggingConfiguration = loggingConfiguration
            self.posixProfile = posixProfile
            self.results = results
            self.serviceMetadata = serviceMetadata
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case executionId = "ExecutionId"
            case executionRole = "ExecutionRole"
            case initialFileLocation = "InitialFileLocation"
            case loggingConfiguration = "LoggingConfiguration"
            case posixProfile = "PosixProfile"
            case results = "Results"
            case serviceMetadata = "ServiceMetadata"
            case status = "Status"
        }
    }

    public struct DescribedHostKey: AWSDecodableShape {
        /// The unique Amazon Resource Name (ARN) for the host key.
        public let arn: String
        /// The date on which the host key was added to the server.
        public let dateImported: Date?
        /// The text description for this host key.
        public let description: String?
        /// The public key fingerprint, which is a short sequence of bytes used to identify the longer public key.
        public let hostKeyFingerprint: String?
        /// A unique identifier for the host key.
        public let hostKeyId: String?
        /// Key-value pairs that can be used to group and search for host keys.
        public let tags: [Tag]?
        /// The encryption algorithm that is used for the host key. The Type parameter is specified by using one of the following values:    ssh-rsa     ssh-ed25519     ecdsa-sha2-nistp256     ecdsa-sha2-nistp384     ecdsa-sha2-nistp521
        public let type: String?

        public init(arn: String, dateImported: Date? = nil, description: String? = nil, hostKeyFingerprint: String? = nil, hostKeyId: String? = nil, tags: [Tag]? = nil, type: String? = nil) {
            self.arn = arn
            self.dateImported = dateImported
            self.description = description
            self.hostKeyFingerprint = hostKeyFingerprint
            self.hostKeyId = hostKeyId
            self.tags = tags
            self.type = type
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case dateImported = "DateImported"
            case description = "Description"
            case hostKeyFingerprint = "HostKeyFingerprint"
            case hostKeyId = "HostKeyId"
            case tags = "Tags"
            case type = "Type"
        }
    }

    public struct DescribedProfile: AWSDecodableShape {
        /// The unique Amazon Resource Name (ARN) for the profile.
        public let arn: String
        /// The As2Id is the AS2-name, as defined in the  RFC 4130. For inbound transfers, this is the AS2-From header for the AS2 messages sent from the partner. For outbound connectors, this is the AS2-To header for the AS2 messages sent to the partner using the StartFileTransfer API operation. This ID cannot include spaces.
        public let as2Id: String?
        /// An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.
        public let certificateIds: [String]?
        /// A unique identifier for the local or partner AS2 profile.
        public let profileId: String?
        /// Indicates whether to list only LOCAL type profiles or only PARTNER type profiles.  If not supplied in the request, the command lists all types of profiles.
        public let profileType: ProfileType?
        /// Key-value pairs that can be used to group and search for profiles.
        public let tags: [Tag]?

        public init(arn: String, as2Id: String? = nil, certificateIds: [String]? = nil, profileId: String? = nil, profileType: ProfileType? = nil, tags: [Tag]? = nil) {
            self.arn = arn
            self.as2Id = as2Id
            self.certificateIds = certificateIds
            self.profileId = profileId
            self.profileType = profileType
            self.tags = tags
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case as2Id = "As2Id"
            case certificateIds = "CertificateIds"
            case profileId = "ProfileId"
            case profileType = "ProfileType"
            case tags = "Tags"
        }
    }

    public struct DescribedSecurityPolicy: AWSDecodableShape {
        /// Specifies whether this policy enables Federal Information Processing Standards (FIPS).
        public let fips: Bool?
        /// Specifies the name of the security policy that is attached to the server.
        public let securityPolicyName: String
        /// Specifies the enabled Secure Shell (SSH) cipher encryption algorithms in the security policy that is attached to the server.
        public let sshCiphers: [String]?
        /// Specifies the enabled SSH key exchange (KEX) encryption algorithms in the security policy that is attached to the server.
        public let sshKexs: [String]?
        /// Specifies the enabled SSH message authentication code (MAC) encryption algorithms in the security policy that is attached to the server.
        public let sshMacs: [String]?
        /// Specifies the enabled Transport Layer Security (TLS) cipher encryption algorithms in the security policy that is attached to the server.
        public let tlsCiphers: [String]?

        public init(fips: Bool? = nil, securityPolicyName: String, sshCiphers: [String]? = nil, sshKexs: [String]? = nil, sshMacs: [String]? = nil, tlsCiphers: [String]? = nil) {
            self.fips = fips
            self.securityPolicyName = securityPolicyName
            self.sshCiphers = sshCiphers
            self.sshKexs = sshKexs
            self.sshMacs = sshMacs
            self.tlsCiphers = tlsCiphers
        }

        private enum CodingKeys: String, CodingKey {
            case fips = "Fips"
            case securityPolicyName = "SecurityPolicyName"
            case sshCiphers = "SshCiphers"
            case sshKexs = "SshKexs"
            case sshMacs = "SshMacs"
            case tlsCiphers = "TlsCiphers"
        }
    }

    public struct DescribedServer: AWSDecodableShape {
        /// Specifies the unique Amazon Resource Name (ARN) of the server.
        public let arn: String
        /// Specifies the ARN of the Amazon Web ServicesCertificate Manager (ACM) certificate. Required when Protocols is set to FTPS.
        public let certificate: String?
        /// Specifies the domain of the storage system that is used for file transfers.
        public let domain: Domain?
        /// The virtual private cloud (VPC) endpoint settings that are configured for your server. When you host your endpoint within your VPC, you can make your endpoint accessible only to resources within your VPC, or you can attach Elastic IP addresses and make your endpoint accessible to clients over the internet. Your VPC's default security groups are automatically assigned to your endpoint.
        public let endpointDetails: EndpointDetails?
        /// Defines the type of endpoint that your server is connected to. If your server is connected to a VPC endpoint, your server isn't accessible over the public internet.
        public let endpointType: EndpointType?
        /// Specifies the Base64-encoded SHA256 fingerprint of the server's host key. This value is equivalent to the output of the ssh-keygen -l -f my-new-server-key command.
        public let hostKeyFingerprint: String?
        /// Specifies information to call a customer-supplied authentication API. This field is not populated when the IdentityProviderType of a server is AWS_DIRECTORY_SERVICE or SERVICE_MANAGED.
        public let identityProviderDetails: IdentityProviderDetails?
        /// The mode of authentication for a server. The default value is SERVICE_MANAGED, which allows you to store and access user credentials within the Transfer Family service. Use AWS_DIRECTORY_SERVICE to provide access to Active Directory groups in Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in Amazon Web Services using AD Connector. This option also requires you to provide a Directory ID by using the IdentityProviderDetails parameter. Use the API_GATEWAY value to integrate with an identity provider of your choosing. The API_GATEWAY setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the IdentityProviderDetails parameter. Use the AWS_LAMBDA value to directly use an Lambda function as your identity provider.  If you choose this value, you must specify the ARN for the Lambda function in the Function parameter  or the IdentityProviderDetails data type.
        public let identityProviderType: IdentityProviderType?
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in your CloudWatch logs.
        public let loggingRole: String?
        /// Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.  The SFTP protocol does not support post-authentication display banners.
        public let postAuthenticationLoginBanner: String?
        /// Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:  This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.
        public let preAuthenticationLoginBanner: String?
        /// The protocol settings that are configured for your server.    To indicate passive mode (for FTP and FTPS protocols), use the PassiveIp parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.    To ignore the error that is generated when the client attempts to use the SETSTAT command on a file that you are  uploading to an Amazon S3 bucket, use the SetStatOption parameter. To have the Transfer Family server ignore the  SETSTAT command and upload files without needing to make any changes to your SFTP client, set the value to  ENABLE_NO_OP. If you set the SetStatOption parameter to ENABLE_NO_OP, Transfer Family  generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a SETSTAT  call.   To determine whether your Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the  TlsSessionResumptionMode parameter.    As2Transports indicates the transport method for the AS2 messages. Currently, only HTTP is supported.
        public let protocolDetails: ProtocolDetails?
        /// Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:    SFTP (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH    FTPS (File Transfer Protocol Secure): File transfer with TLS encryption    FTP (File Transfer Protocol): Unencrypted file transfer    AS2 (Applicability Statement 2): used for transporting structured business-to-business data      If you select FTPS, you must choose a certificate stored in Certificate Manager (ACM)  which is used to identify your server when clients connect to it over FTPS.   If Protocol includes either FTP or FTPS, then the EndpointType must be VPC and the IdentityProviderType must be AWS_DIRECTORY_SERVICE or API_GATEWAY.   If Protocol includes FTP, then AddressAllocationIds cannot be associated.   If Protocol is set only to SFTP, the EndpointType can be set to PUBLIC and the IdentityProviderType can be set to SERVICE_MANAGED.   If Protocol includes AS2, then the EndpointType must be VPC, and domain must be Amazon S3.
        public let protocols: [`Protocol`]?
        /// Specifies the name of the security policy that is attached to the server.
        public let securityPolicyName: String?
        /// Specifies the unique system-assigned identifier for a server that you instantiate.
        public let serverId: String?
        /// The condition of the server that was described. A value of ONLINE indicates that the server can accept jobs and transfer files. A State value of OFFLINE means that the server cannot perform file transfer operations. The states of STARTING and STOPPING indicate that the server is in an intermediate state, either not fully able to respond, or not fully offline. The values of START_FAILED or STOP_FAILED can indicate an error condition.
        public let state: State?
        /// Specifies the key-value pairs that you can use to search for and group servers that were assigned to the server that was described.
        public let tags: [Tag]?
        /// Specifies the number of users that are assigned to a server you specified with the ServerId.
        public let userCount: Int?
        /// Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow. In additon to a workflow to execute when a file is uploaded completely, WorkflowDeatails can also contain a workflow ID (and execution role) for a workflow to execute on partial upload. A partial upload occurs when a file is open when the session disconnects.
        public let workflowDetails: WorkflowDetails?

        public init(arn: String, certificate: String? = nil, domain: Domain? = nil, endpointDetails: EndpointDetails? = nil, endpointType: EndpointType? = nil, hostKeyFingerprint: String? = nil, identityProviderDetails: IdentityProviderDetails? = nil, identityProviderType: IdentityProviderType? = nil, loggingRole: String? = nil, postAuthenticationLoginBanner: String? = nil, preAuthenticationLoginBanner: String? = nil, protocolDetails: ProtocolDetails? = nil, protocols: [`Protocol`]? = nil, securityPolicyName: String? = nil, serverId: String? = nil, state: State? = nil, tags: [Tag]? = nil, userCount: Int? = nil, workflowDetails: WorkflowDetails? = nil) {
            self.arn = arn
            self.certificate = certificate
            self.domain = domain
            self.endpointDetails = endpointDetails
            self.endpointType = endpointType
            self.hostKeyFingerprint = hostKeyFingerprint
            self.identityProviderDetails = identityProviderDetails
            self.identityProviderType = identityProviderType
            self.loggingRole = loggingRole
            self.postAuthenticationLoginBanner = postAuthenticationLoginBanner
            self.preAuthenticationLoginBanner = preAuthenticationLoginBanner
            self.protocolDetails = protocolDetails
            self.protocols = protocols
            self.securityPolicyName = securityPolicyName
            self.serverId = serverId
            self.state = state
            self.tags = tags
            self.userCount = userCount
            self.workflowDetails = workflowDetails
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case certificate = "Certificate"
            case domain = "Domain"
            case endpointDetails = "EndpointDetails"
            case endpointType = "EndpointType"
            case hostKeyFingerprint = "HostKeyFingerprint"
            case identityProviderDetails = "IdentityProviderDetails"
            case identityProviderType = "IdentityProviderType"
            case loggingRole = "LoggingRole"
            case postAuthenticationLoginBanner = "PostAuthenticationLoginBanner"
            case preAuthenticationLoginBanner = "PreAuthenticationLoginBanner"
            case protocolDetails = "ProtocolDetails"
            case protocols = "Protocols"
            case securityPolicyName = "SecurityPolicyName"
            case serverId = "ServerId"
            case state = "State"
            case tags = "Tags"
            case userCount = "UserCount"
            case workflowDetails = "WorkflowDetails"
        }
    }

    public struct DescribedUser: AWSDecodableShape {
        /// Specifies the unique Amazon Resource Name (ARN) for the user that was requested to be described.
        public let arn: String
        /// The landing directory (folder) for a user when they log in to the server using the client. A HomeDirectory example is /bucket_name/home/mydirectory.
        public let homeDirectory: String?
        /// Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the Entry and Target pair, where Entry shows how the path is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM)  role provides access to paths in Target. This value can be set only when HomeDirectoryType is set to LOGICAL. In most cases, you can use this value instead of the session policy to lock your user down to the designated home directory ("chroot"). To do this, you can set Entry to '/' and set Target to the HomeDirectory parameter value.
        public let homeDirectoryMappings: [HomeDirectoryMapEntry]?
        /// The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer  protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for  how you want to make Amazon S3 or Amazon EFS paths visible to your users.
        public let homeDirectoryType: HomeDirectoryType?
        /// A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.
        public let policy: String?
        /// Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon Elastic File System (Amazon EFS) file systems. The POSIX permissions that are set on files and directories in your file system determine the level of access your users get when transferring files into and out of your Amazon EFS file systems.
        public let posixProfile: PosixProfile?
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3  bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users  when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust  relationship that allows the server to access your resources when servicing your users' transfer requests.
        public let role: String?
        /// Specifies the public key portion of the Secure Shell (SSH) keys stored for the described user.
        public let sshPublicKeys: [SshPublicKey]?
        /// Specifies the key-value pairs for the user requested. Tag can be used to search for and group users for a variety of purposes.
        public let tags: [Tag]?
        /// Specifies the name of the user that was requested to be described. User names are used for authentication purposes. This is the string that will be used by your user when they log in to your server.
        public let userName: String?

        public init(arn: String, homeDirectory: String? = nil, homeDirectoryMappings: [HomeDirectoryMapEntry]? = nil, homeDirectoryType: HomeDirectoryType? = nil, policy: String? = nil, posixProfile: PosixProfile? = nil, role: String? = nil, sshPublicKeys: [SshPublicKey]? = nil, tags: [Tag]? = nil, userName: String? = nil) {
            self.arn = arn
            self.homeDirectory = homeDirectory
            self.homeDirectoryMappings = homeDirectoryMappings
            self.homeDirectoryType = homeDirectoryType
            self.policy = policy
            self.posixProfile = posixProfile
            self.role = role
            self.sshPublicKeys = sshPublicKeys
            self.tags = tags
            self.userName = userName
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case homeDirectory = "HomeDirectory"
            case homeDirectoryMappings = "HomeDirectoryMappings"
            case homeDirectoryType = "HomeDirectoryType"
            case policy = "Policy"
            case posixProfile = "PosixProfile"
            case role = "Role"
            case sshPublicKeys = "SshPublicKeys"
            case tags = "Tags"
            case userName = "UserName"
        }
    }

    public struct DescribedWorkflow: AWSDecodableShape {
        /// Specifies the unique Amazon Resource Name (ARN) for the workflow.
        public let arn: String
        /// Specifies the text description for the workflow.
        public let description: String?
        /// Specifies the steps (actions) to take if errors are encountered during execution of the workflow.
        public let onExceptionSteps: [WorkflowStep]?
        /// Specifies the details for the steps that are in the specified workflow.
        public let steps: [WorkflowStep]?
        /// Key-value pairs that can be used to group and search for workflows. Tags are metadata attached to workflows for any purpose.
        public let tags: [Tag]?
        /// A unique identifier for the workflow.
        public let workflowId: String?

        public init(arn: String, description: String? = nil, onExceptionSteps: [WorkflowStep]? = nil, steps: [WorkflowStep]? = nil, tags: [Tag]? = nil, workflowId: String? = nil) {
            self.arn = arn
            self.description = description
            self.onExceptionSteps = onExceptionSteps
            self.steps = steps
            self.tags = tags
            self.workflowId = workflowId
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case description = "Description"
            case onExceptionSteps = "OnExceptionSteps"
            case steps = "Steps"
            case tags = "Tags"
            case workflowId = "WorkflowId"
        }
    }

    public struct EfsFileLocation: AWSEncodableShape & AWSDecodableShape {
        /// The identifier of the file system, assigned by Amazon EFS.
        public let fileSystemId: String?
        /// The pathname for the folder being used by a workflow.
        public let path: String?

        public init(fileSystemId: String? = nil, path: String? = nil) {
            self.fileSystemId = fileSystemId
            self.path = path
        }

        public func validate(name: String) throws {
            try self.validate(self.fileSystemId, name: "fileSystemId", parent: name, max: 128)
            try self.validate(self.fileSystemId, name: "fileSystemId", parent: name, pattern: "^(arn:aws[-a-z]*:elasticfilesystem:[0-9a-z-:]+:(access-point/fsap|file-system/fs)-[0-9a-f]{8,40}|fs(ap)?-[0-9a-f]{8,40})$")
            try self.validate(self.path, name: "path", parent: name, max: 65536)
            try self.validate(self.path, name: "path", parent: name, min: 1)
            try self.validate(self.path, name: "path", parent: name, pattern: "^[^\\x00]+$")
        }

        private enum CodingKeys: String, CodingKey {
            case fileSystemId = "FileSystemId"
            case path = "Path"
        }
    }

    public struct EndpointDetails: AWSEncodableShape & AWSDecodableShape {
        /// A list of address allocation IDs that are required to attach an Elastic IP address to your server's endpoint.  This property can only be set when EndpointType is set to VPC and it is only valid in the UpdateServer API.
        public let addressAllocationIds: [String]?
        /// A list of security groups IDs that are available to attach to your server's endpoint.  This property can only be set when EndpointType is set to VPC. You can edit the SecurityGroupIds property in the UpdateServer API only if you are changing the EndpointType from PUBLIC or VPC_ENDPOINT to VPC. To change security groups associated with your server's VPC endpoint after creation, use the Amazon EC2 ModifyVpcEndpoint API.
        public let securityGroupIds: [String]?
        /// A list of subnet IDs that are required to host your server endpoint in your VPC.  This property can only be set when EndpointType is set to VPC.
        public let subnetIds: [String]?
        /// The identifier of the VPC endpoint.  This property can only be set when EndpointType is set to VPC_ENDPOINT. For more information, see https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint.
        public let vpcEndpointId: String?
        /// The VPC identifier of the VPC in which a server's endpoint will be hosted.  This property can only be set when EndpointType is set to VPC.
        public let vpcId: String?

        public init(addressAllocationIds: [String]? = nil, securityGroupIds: [String]? = nil, subnetIds: [String]? = nil, vpcEndpointId: String? = nil, vpcId: String? = nil) {
            self.addressAllocationIds = addressAllocationIds
            self.securityGroupIds = securityGroupIds
            self.subnetIds = subnetIds
            self.vpcEndpointId = vpcEndpointId
            self.vpcId = vpcId
        }

        public func validate(name: String) throws {
            try self.securityGroupIds?.forEach {
                try validate($0, name: "securityGroupIds[]", parent: name, max: 20)
                try validate($0, name: "securityGroupIds[]", parent: name, min: 11)
                try validate($0, name: "securityGroupIds[]", parent: name, pattern: "^sg-[0-9a-f]{8,17}$")
            }
            try self.validate(self.vpcEndpointId, name: "vpcEndpointId", parent: name, max: 22)
            try self.validate(self.vpcEndpointId, name: "vpcEndpointId", parent: name, min: 22)
            try self.validate(self.vpcEndpointId, name: "vpcEndpointId", parent: name, pattern: "^vpce-[0-9a-f]{17}$")
        }

        private enum CodingKeys: String, CodingKey {
            case addressAllocationIds = "AddressAllocationIds"
            case securityGroupIds = "SecurityGroupIds"
            case subnetIds = "SubnetIds"
            case vpcEndpointId = "VpcEndpointId"
            case vpcId = "VpcId"
        }
    }

    public struct ExecutionError: AWSDecodableShape {
        /// Specifies the descriptive message that corresponds to the ErrorType.
        public let message: String
        /// Specifies the error type.    ALREADY_EXISTS: occurs for a copy step, if the overwrite option is not selected and a file with the same name already exists in the target location.    BAD_REQUEST: a general bad request: for example, a step that attempts to tag an EFS file returns BAD_REQUEST, as only S3 files can be tagged.    CUSTOM_STEP_FAILED: occurs when the custom step provided a callback that indicates failure.    INTERNAL_SERVER_ERROR: a catch-all error that can occur for a variety of reasons.    NOT_FOUND: occurs when a requested entity, for example a source file for a copy step, does not exist.    PERMISSION_DENIED: occurs if your policy does not contain the correct permissions to complete one or more of the steps in the workflow.    TIMEOUT: occurs when the execution times out.  You can set the TimeoutSeconds for a custom step, anywhere from 1 second to 1800 seconds (30 minutes).      THROTTLED: occurs if you exceed the new execution refill rate of one workflow per second.
        public let type: ExecutionErrorType

        public init(message: String, type: ExecutionErrorType) {
            self.message = message
            self.type = type
        }

        private enum CodingKeys: String, CodingKey {
            case message = "Message"
            case type = "Type"
        }
    }

    public struct ExecutionResults: AWSDecodableShape {
        /// Specifies the steps (actions) to take if errors are encountered during execution of the workflow.
        public let onExceptionSteps: [ExecutionStepResult]?
        /// Specifies the details for the steps that are in the specified workflow.
        public let steps: [ExecutionStepResult]?

        public init(onExceptionSteps: [ExecutionStepResult]? = nil, steps: [ExecutionStepResult]? = nil) {
            self.onExceptionSteps = onExceptionSteps
            self.steps = steps
        }

        private enum CodingKeys: String, CodingKey {
            case onExceptionSteps = "OnExceptionSteps"
            case steps = "Steps"
        }
    }

    public struct ExecutionStepResult: AWSDecodableShape {
        /// Specifies the details for an error, if it occurred during execution of the specified workflow step.
        public let error: ExecutionError?
        /// The values for the key/value pair applied as a tag to the file. Only applicable if the step type is TAG.
        public let outputs: String?
        /// One of the available step types.    COPY: Copy the file to another location.    CUSTOM: Perform a custom step with an Lambda function target.    DELETE: Delete the file.    TAG: Add a tag to the file.
        public let stepType: WorkflowStepType?

        public init(error: ExecutionError? = nil, outputs: String? = nil, stepType: WorkflowStepType? = nil) {
            self.error = error
            self.outputs = outputs
            self.stepType = stepType
        }

        private enum CodingKeys: String, CodingKey {
            case error = "Error"
            case outputs = "Outputs"
            case stepType = "StepType"
        }
    }

    public struct FileLocation: AWSDecodableShape {
        /// Specifies the Amazon EFS identifier and the path for the file being used.
        public let efsFileLocation: EfsFileLocation?
        /// Specifies the S3 details for the file being used, such as bucket, ETag, and so forth.
        public let s3FileLocation: S3FileLocation?

        public init(efsFileLocation: EfsFileLocation? = nil, s3FileLocation: S3FileLocation? = nil) {
            self.efsFileLocation = efsFileLocation
            self.s3FileLocation = s3FileLocation
        }

        private enum CodingKeys: String, CodingKey {
            case efsFileLocation = "EfsFileLocation"
            case s3FileLocation = "S3FileLocation"
        }
    }

    public struct HomeDirectoryMapEntry: AWSEncodableShape & AWSDecodableShape {
        /// Represents an entry for HomeDirectoryMappings.
        public let entry: String
        /// Represents the map target that is used in a HomeDirectorymapEntry.
        public let target: String

        public init(entry: String, target: String) {
            self.entry = entry
            self.target = target
        }

        public func validate(name: String) throws {
            try self.validate(self.entry, name: "entry", parent: name, max: 1024)
            try self.validate(self.entry, name: "entry", parent: name, pattern: "^/")
            try self.validate(self.target, name: "target", parent: name, max: 1024)
            try self.validate(self.target, name: "target", parent: name, pattern: "^/")
        }

        private enum CodingKeys: String, CodingKey {
            case entry = "Entry"
            case target = "Target"
        }
    }

    public struct IdentityProviderDetails: AWSEncodableShape & AWSDecodableShape {
        /// The identifier of the Directory Service directory that you want to stop sharing.
        public let directoryId: String?
        /// The ARN for a lambda function to use for the Identity provider.
        public let function: String?
        /// Provides the type of InvocationRole used to authenticate the user account.
        public let invocationRole: String?
        /// Provides the location of the service endpoint used to authenticate users.
        public let url: String?

        public init(directoryId: String? = nil, function: String? = nil, invocationRole: String? = nil, url: String? = nil) {
            self.directoryId = directoryId
            self.function = function
            self.invocationRole = invocationRole
            self.url = url
        }

        public func validate(name: String) throws {
            try self.validate(self.directoryId, name: "directoryId", parent: name, max: 12)
            try self.validate(self.directoryId, name: "directoryId", parent: name, min: 12)
            try self.validate(self.directoryId, name: "directoryId", parent: name, pattern: "^d-[0-9a-f]{10}$")
            try self.validate(self.function, name: "function", parent: name, max: 170)
            try self.validate(self.function, name: "function", parent: name, min: 1)
            try self.validate(self.function, name: "function", parent: name, pattern: "^arn:[a-z-]+:lambda:.*$")
            try self.validate(self.invocationRole, name: "invocationRole", parent: name, max: 2048)
            try self.validate(self.invocationRole, name: "invocationRole", parent: name, min: 20)
            try self.validate(self.invocationRole, name: "invocationRole", parent: name, pattern: "^arn:.*role/")
            try self.validate(self.url, name: "url", parent: name, max: 255)
        }

        private enum CodingKeys: String, CodingKey {
            case directoryId = "DirectoryId"
            case function = "Function"
            case invocationRole = "InvocationRole"
            case url = "Url"
        }
    }

    public struct ImportCertificateRequest: AWSEncodableShape {
        /// An optional date that specifies when the certificate becomes active.
        public let activeDate: Date?
        /// The file that contains the certificate to import.
        public let certificate: String
        /// An optional list of certificates that make up the chain for the certificate that's being imported.
        public let certificateChain: String?
        /// A short description that helps identify the certificate.
        public let description: String?
        /// An optional date that specifies when the certificate becomes inactive.
        public let inactiveDate: Date?
        /// The file that contains the private key for the certificate that's being imported.
        public let privateKey: String?
        /// Key-value pairs that can be used to group and search for certificates.
        public let tags: [Tag]?
        /// Specifies whether this certificate is used for signing or encryption.
        public let usage: CertificateUsageType

        public init(activeDate: Date? = nil, certificate: String, certificateChain: String? = nil, description: String? = nil, inactiveDate: Date? = nil, privateKey: String? = nil, tags: [Tag]? = nil, usage: CertificateUsageType) {
            self.activeDate = activeDate
            self.certificate = certificate
            self.certificateChain = certificateChain
            self.description = description
            self.inactiveDate = inactiveDate
            self.privateKey = privateKey
            self.tags = tags
            self.usage = usage
        }

        public func validate(name: String) throws {
            try self.validate(self.certificate, name: "certificate", parent: name, max: 16384)
            try self.validate(self.certificate, name: "certificate", parent: name, min: 1)
            try self.validate(self.certificate, name: "certificate", parent: name, pattern: "^[\\u0009\\u000A\\u000D\\u0020-\\u00FF]*$")
            try self.validate(self.certificateChain, name: "certificateChain", parent: name, max: 2_097_152)
            try self.validate(self.certificateChain, name: "certificateChain", parent: name, min: 1)
            try self.validate(self.certificateChain, name: "certificateChain", parent: name, pattern: "^[\\u0009\\u000A\\u000D\\u0020-\\u00FF]*$")
            try self.validate(self.description, name: "description", parent: name, max: 200)
            try self.validate(self.description, name: "description", parent: name, min: 1)
            try self.validate(self.description, name: "description", parent: name, pattern: "^[\\p{Graph}]+$")
            try self.validate(self.privateKey, name: "privateKey", parent: name, max: 16384)
            try self.validate(self.privateKey, name: "privateKey", parent: name, min: 1)
            try self.validate(self.privateKey, name: "privateKey", parent: name, pattern: "^[\\u0009\\u000A\\u000D\\u0020-\\u00FF]*$")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 50)
            try self.validate(self.tags, name: "tags", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case activeDate = "ActiveDate"
            case certificate = "Certificate"
            case certificateChain = "CertificateChain"
            case description = "Description"
            case inactiveDate = "InactiveDate"
            case privateKey = "PrivateKey"
            case tags = "Tags"
            case usage = "Usage"
        }
    }

    public struct ImportCertificateResponse: AWSDecodableShape {
        /// An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.
        public let certificateId: String

        public init(certificateId: String) {
            self.certificateId = certificateId
        }

        private enum CodingKeys: String, CodingKey {
            case certificateId = "CertificateId"
        }
    }

    public struct ImportHostKeyRequest: AWSEncodableShape {
        /// The text description that identifies this host key.
        public let description: String?
        /// The public key portion of an SSH key pair. Transfer Family accepts RSA, ECDSA, and ED25519 keys.
        public let hostKeyBody: String
        /// The identifier of the server that contains the host key that you are importing.
        public let serverId: String
        /// Key-value pairs that can be used to group and search for host keys.
        public let tags: [Tag]?

        public init(description: String? = nil, hostKeyBody: String, serverId: String, tags: [Tag]? = nil) {
            self.description = description
            self.hostKeyBody = hostKeyBody
            self.serverId = serverId
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.validate(self.description, name: "description", parent: name, max: 200)
            try self.validate(self.description, name: "description", parent: name, pattern: "^[\\p{Print}]*$")
            try self.validate(self.hostKeyBody, name: "hostKeyBody", parent: name, max: 4096)
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 50)
            try self.validate(self.tags, name: "tags", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case description = "Description"
            case hostKeyBody = "HostKeyBody"
            case serverId = "ServerId"
            case tags = "Tags"
        }
    }

    public struct ImportHostKeyResponse: AWSDecodableShape {
        /// Returns the host key identifier for the imported key.
        public let hostKeyId: String
        /// Returns the server identifier that contains the imported key.
        public let serverId: String

        public init(hostKeyId: String, serverId: String) {
            self.hostKeyId = hostKeyId
            self.serverId = serverId
        }

        private enum CodingKeys: String, CodingKey {
            case hostKeyId = "HostKeyId"
            case serverId = "ServerId"
        }
    }

    public struct ImportSshPublicKeyRequest: AWSEncodableShape {
        /// A system-assigned unique identifier for a server.
        public let serverId: String
        /// The public key portion of an SSH key pair. Transfer Family accepts RSA, ECDSA, and ED25519 keys.
        public let sshPublicKeyBody: String
        /// The name of the user account that is assigned to one or more servers.
        public let userName: String

        public init(serverId: String, sshPublicKeyBody: String, userName: String) {
            self.serverId = serverId
            self.sshPublicKeyBody = sshPublicKeyBody
            self.userName = userName
        }

        public func validate(name: String) throws {
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
            try self.validate(self.sshPublicKeyBody, name: "sshPublicKeyBody", parent: name, max: 2048)
            try self.validate(self.userName, name: "userName", parent: name, max: 100)
            try self.validate(self.userName, name: "userName", parent: name, min: 3)
            try self.validate(self.userName, name: "userName", parent: name, pattern: "^[\\w][\\w@.-]{2,99}$")
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
            case sshPublicKeyBody = "SshPublicKeyBody"
            case userName = "UserName"
        }
    }

    public struct ImportSshPublicKeyResponse: AWSDecodableShape {
        /// A system-assigned unique identifier for a server.
        public let serverId: String
        /// The name given to a public key by the system that was imported.
        public let sshPublicKeyId: String
        /// A user name assigned to the ServerID value that you specified.
        public let userName: String

        public init(serverId: String, sshPublicKeyId: String, userName: String) {
            self.serverId = serverId
            self.sshPublicKeyId = sshPublicKeyId
            self.userName = userName
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
            case sshPublicKeyId = "SshPublicKeyId"
            case userName = "UserName"
        }
    }

    public struct InputFileLocation: AWSEncodableShape & AWSDecodableShape {
        /// Reserved for future use.
        public let efsFileLocation: EfsFileLocation?
        /// Specifies the details for the S3 file being copied.
        public let s3FileLocation: S3InputFileLocation?

        public init(efsFileLocation: EfsFileLocation? = nil, s3FileLocation: S3InputFileLocation? = nil) {
            self.efsFileLocation = efsFileLocation
            self.s3FileLocation = s3FileLocation
        }

        public func validate(name: String) throws {
            try self.efsFileLocation?.validate(name: "\(name).efsFileLocation")
            try self.s3FileLocation?.validate(name: "\(name).s3FileLocation")
        }

        private enum CodingKeys: String, CodingKey {
            case efsFileLocation = "EfsFileLocation"
            case s3FileLocation = "S3FileLocation"
        }
    }

    public struct ListAccessesRequest: AWSEncodableShape {
        /// Specifies the maximum number of access SIDs to return.
        public let maxResults: Int?
        /// When you can get additional results from the ListAccesses call, a NextToken parameter is returned in the output. You can then pass in a subsequent command to the NextToken parameter to continue listing additional accesses.
        public let nextToken: String?
        /// A system-assigned unique identifier for a server that has users assigned to it.
        public let serverId: String

        public init(maxResults: Int? = nil, nextToken: String? = nil, serverId: String) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 6144)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case serverId = "ServerId"
        }
    }

    public struct ListAccessesResponse: AWSDecodableShape {
        /// Returns the accesses and their properties for the ServerId value that you specify.
        public let accesses: [ListedAccess]
        /// When you can get additional results from the ListAccesses call, a NextToken parameter is returned in the output. You can then pass in a subsequent command to the NextToken parameter to continue listing additional accesses.
        public let nextToken: String?
        /// A system-assigned unique identifier for a server that has users assigned to it.
        public let serverId: String

        public init(accesses: [ListedAccess], nextToken: String? = nil, serverId: String) {
            self.accesses = accesses
            self.nextToken = nextToken
            self.serverId = serverId
        }

        private enum CodingKeys: String, CodingKey {
            case accesses = "Accesses"
            case nextToken = "NextToken"
            case serverId = "ServerId"
        }
    }

    public struct ListAgreementsRequest: AWSEncodableShape {
        /// The maximum number of agreements to return.
        public let maxResults: Int?
        /// When you can get additional results from the ListAgreements call, a NextToken parameter is returned in the output. You can then pass in a subsequent command to the NextToken parameter to continue listing additional agreements.
        public let nextToken: String?
        /// The identifier of the server for which you want a list of agreements.
        public let serverId: String

        public init(maxResults: Int? = nil, nextToken: String? = nil, serverId: String) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 6144)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case serverId = "ServerId"
        }
    }

    public struct ListAgreementsResponse: AWSDecodableShape {
        /// Returns an array, where each item contains the details of an agreement.
        public let agreements: [ListedAgreement]
        /// Returns a token that you can use to call ListAgreements again and receive additional results, if there are any.
        public let nextToken: String?

        public init(agreements: [ListedAgreement], nextToken: String? = nil) {
            self.agreements = agreements
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case agreements = "Agreements"
            case nextToken = "NextToken"
        }
    }

    public struct ListCertificatesRequest: AWSEncodableShape {
        /// The maximum number of certificates to return.
        public let maxResults: Int?
        /// When you can get additional results from the ListCertificates call, a NextToken parameter is returned in the output. You can then pass in a subsequent command to the NextToken parameter to continue listing additional certificates.
        public let nextToken: String?

        public init(maxResults: Int? = nil, nextToken: String? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 6144)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListCertificatesResponse: AWSDecodableShape {
        /// Returns an array of the certificates that are specified in the ListCertificates call.
        public let certificates: [ListedCertificate]
        /// Returns the next token, which you can use to list the next certificate.
        public let nextToken: String?

        public init(certificates: [ListedCertificate], nextToken: String? = nil) {
            self.certificates = certificates
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case certificates = "Certificates"
            case nextToken = "NextToken"
        }
    }

    public struct ListConnectorsRequest: AWSEncodableShape {
        /// The maximum number of connectors to return.
        public let maxResults: Int?
        /// When you can get additional results from the ListConnectors call, a NextToken parameter is returned in the output. You can then pass in a subsequent command to the NextToken parameter to continue listing additional connectors.
        public let nextToken: String?

        public init(maxResults: Int? = nil, nextToken: String? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 6144)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListConnectorsResponse: AWSDecodableShape {
        /// Returns an array, where each item contains the details of a connector.
        public let connectors: [ListedConnector]
        /// Returns a token that you can use to call ListConnectors again and receive additional results, if there are any.
        public let nextToken: String?

        public init(connectors: [ListedConnector], nextToken: String? = nil) {
            self.connectors = connectors
            self.nextToken = nextToken
        }

        private enum CodingKeys: String, CodingKey {
            case connectors = "Connectors"
            case nextToken = "NextToken"
        }
    }

    public struct ListExecutionsRequest: AWSEncodableShape {
        /// Specifies the maximum number of executions to return.
        public let maxResults: Int?
        ///  ListExecutions returns the NextToken parameter in the output. You can then pass the NextToken parameter in a subsequent command to continue listing additional executions.  This is useful for pagination, for instance. If you have 100 executions for a workflow, you might only want to list first 10. If so, call the API by specifying the max-results:   aws transfer list-executions --max-results 10   This returns details for the first 10 executions, as well as the pointer (NextToken) to the eleventh execution. You can now call the API again, supplying the NextToken value you received:   aws transfer list-executions --max-results 10 --next-token $somePointerReturnedFromPreviousListResult   This call returns the next 10 executions, the 11th through the 20th. You can then repeat the call until the details for all 100 executions have been returned.
        public let nextToken: String?
        /// A unique identifier for the workflow.
        public let workflowId: String

        public init(maxResults: Int? = nil, nextToken: String? = nil, workflowId: String) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.workflowId = workflowId
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 6144)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
            try self.validate(self.workflowId, name: "workflowId", parent: name, max: 19)
            try self.validate(self.workflowId, name: "workflowId", parent: name, min: 19)
            try self.validate(self.workflowId, name: "workflowId", parent: name, pattern: "^w-([a-z0-9]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case workflowId = "WorkflowId"
        }
    }

    public struct ListExecutionsResponse: AWSDecodableShape {
        /// Returns the details for each execution.    NextToken: returned from a call to several APIs, you can use pass it to a subsequent command to continue listing additional executions.    StartTime: timestamp indicating when the execution began.    Executions: details of the execution, including the execution ID, initial file location, and Service metadata.    Status: one of the following values: IN_PROGRESS, COMPLETED, EXCEPTION, HANDLING_EXEPTION.
        public let executions: [ListedExecution]
        ///  ListExecutions returns the NextToken parameter in the output. You can then pass the NextToken parameter in a subsequent command to continue listing additional executions.
        public let nextToken: String?
        /// A unique identifier for the workflow.
        public let workflowId: String

        public init(executions: [ListedExecution], nextToken: String? = nil, workflowId: String) {
            self.executions = executions
            self.nextToken = nextToken
            self.workflowId = workflowId
        }

        private enum CodingKeys: String, CodingKey {
            case executions = "Executions"
            case nextToken = "NextToken"
            case workflowId = "WorkflowId"
        }
    }

    public struct ListHostKeysRequest: AWSEncodableShape {
        /// The maximum number of host keys to return.
        public let maxResults: Int?
        /// When there are additional results that were not returned, a NextToken parameter is returned. You can use that value for a subsequent call to ListHostKeys to continue listing results.
        public let nextToken: String?
        /// The identifier of the server that contains the host keys that you want to view.
        public let serverId: String

        public init(maxResults: Int? = nil, nextToken: String? = nil, serverId: String) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 6144)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case serverId = "ServerId"
        }
    }

    public struct ListHostKeysResponse: AWSDecodableShape {
        /// Returns an array, where each item contains the details of a host key.
        public let hostKeys: [ListedHostKey]
        /// Returns a token that you can use to call ListHostKeys again and receive additional results, if there are any.
        public let nextToken: String?
        /// Returns the server identifier that contains the listed host keys.
        public let serverId: String

        public init(hostKeys: [ListedHostKey], nextToken: String? = nil, serverId: String) {
            self.hostKeys = hostKeys
            self.nextToken = nextToken
            self.serverId = serverId
        }

        private enum CodingKeys: String, CodingKey {
            case hostKeys = "HostKeys"
            case nextToken = "NextToken"
            case serverId = "ServerId"
        }
    }

    public struct ListProfilesRequest: AWSEncodableShape {
        /// The maximum number of profiles to return.
        public let maxResults: Int?
        /// When there are additional results that were not returned, a NextToken parameter is returned. You can use that value for a subsequent call to ListProfiles to continue listing results.
        public let nextToken: String?
        /// Indicates whether to list only LOCAL type profiles or only PARTNER type profiles.  If not supplied in the request, the command lists all types of profiles.
        public let profileType: ProfileType?

        public init(maxResults: Int? = nil, nextToken: String? = nil, profileType: ProfileType? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.profileType = profileType
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 6144)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case profileType = "ProfileType"
        }
    }

    public struct ListProfilesResponse: AWSDecodableShape {
        /// Returns a token that you can use to call ListProfiles again and receive additional results, if there are any.
        public let nextToken: String?
        /// Returns an array, where each item contains the details of a profile.
        public let profiles: [ListedProfile]

        public init(nextToken: String? = nil, profiles: [ListedProfile]) {
            self.nextToken = nextToken
            self.profiles = profiles
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case profiles = "Profiles"
        }
    }

    public struct ListSecurityPoliciesRequest: AWSEncodableShape {
        /// Specifies the number of security policies to return as a response to the ListSecurityPolicies query.
        public let maxResults: Int?
        /// When additional results are obtained from the ListSecurityPolicies command, a NextToken parameter is returned in the output. You can then pass the NextToken parameter in a subsequent command to continue listing additional security policies.
        public let nextToken: String?

        public init(maxResults: Int? = nil, nextToken: String? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 6144)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListSecurityPoliciesResponse: AWSDecodableShape {
        /// When you can get additional results from the ListSecurityPolicies operation, a NextToken parameter is returned in the output. In a following command, you can pass in the NextToken parameter to continue listing security policies.
        public let nextToken: String?
        /// An array of security policies that were listed.
        public let securityPolicyNames: [String]

        public init(nextToken: String? = nil, securityPolicyNames: [String]) {
            self.nextToken = nextToken
            self.securityPolicyNames = securityPolicyNames
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case securityPolicyNames = "SecurityPolicyNames"
        }
    }

    public struct ListServersRequest: AWSEncodableShape {
        /// Specifies the number of servers to return as a response to the ListServers query.
        public let maxResults: Int?
        /// When additional results are obtained from the ListServers command, a NextToken parameter is returned in the output. You can then pass the NextToken parameter in a subsequent command to continue listing additional servers.
        public let nextToken: String?

        public init(maxResults: Int? = nil, nextToken: String? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 6144)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListServersResponse: AWSDecodableShape {
        /// When you can get additional results from the ListServers operation, a NextToken parameter is returned in the output. In a following command, you can pass in the NextToken parameter to continue listing additional servers.
        public let nextToken: String?
        /// An array of servers that were listed.
        public let servers: [ListedServer]

        public init(nextToken: String? = nil, servers: [ListedServer]) {
            self.nextToken = nextToken
            self.servers = servers
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case servers = "Servers"
        }
    }

    public struct ListTagsForResourceRequest: AWSEncodableShape {
        /// Requests the tags associated with a particular Amazon Resource Name (ARN). An ARN is an identifier for a specific Amazon Web Services resource, such as a server, user, or role.
        public let arn: String
        /// Specifies the number of tags to return as a response to the ListTagsForResource request.
        public let maxResults: Int?
        /// When you request additional results from the ListTagsForResource operation, a NextToken parameter is returned in the input. You can then pass in a subsequent command to the NextToken parameter to continue listing additional tags.
        public let nextToken: String?

        public init(arn: String, maxResults: Int? = nil, nextToken: String? = nil) {
            self.arn = arn
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.validate(self.arn, name: "arn", parent: name, max: 1600)
            try self.validate(self.arn, name: "arn", parent: name, min: 20)
            try self.validate(self.arn, name: "arn", parent: name, pattern: "^arn:")
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 6144)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListTagsForResourceResponse: AWSDecodableShape {
        /// The ARN you specified to list the tags of.
        public let arn: String?
        /// When you can get additional results from the ListTagsForResource call, a NextToken parameter is returned in the output. You can then pass in a subsequent command to the NextToken parameter to continue listing additional tags.
        public let nextToken: String?
        /// Key-value pairs that are assigned to a resource, usually for the purpose of grouping and searching for items. Tags are metadata that you define.
        public let tags: [Tag]?

        public init(arn: String? = nil, nextToken: String? = nil, tags: [Tag]? = nil) {
            self.arn = arn
            self.nextToken = nextToken
            self.tags = tags
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case nextToken = "NextToken"
            case tags = "Tags"
        }
    }

    public struct ListUsersRequest: AWSEncodableShape {
        /// Specifies the number of users to return as a response to the ListUsers request.
        public let maxResults: Int?
        /// When you can get additional results from the ListUsers call, a NextToken parameter is returned in the output. You can then pass in a subsequent command to the NextToken parameter to continue listing additional users.
        public let nextToken: String?
        /// A system-assigned unique identifier for a server that has users assigned to it.
        public let serverId: String

        public init(maxResults: Int? = nil, nextToken: String? = nil, serverId: String) {
            self.maxResults = maxResults
            self.nextToken = nextToken
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 6144)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
            case serverId = "ServerId"
        }
    }

    public struct ListUsersResponse: AWSDecodableShape {
        /// When you can get additional results from the ListUsers call, a NextToken parameter is returned in the output. You can then pass in a subsequent command to the NextToken parameter to continue listing additional users.
        public let nextToken: String?
        /// A system-assigned unique identifier for a server that the users are assigned to.
        public let serverId: String
        /// Returns the user accounts and their properties for the ServerId value that you specify.
        public let users: [ListedUser]

        public init(nextToken: String? = nil, serverId: String, users: [ListedUser]) {
            self.nextToken = nextToken
            self.serverId = serverId
            self.users = users
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case serverId = "ServerId"
            case users = "Users"
        }
    }

    public struct ListWorkflowsRequest: AWSEncodableShape {
        /// Specifies the maximum number of workflows to return.
        public let maxResults: Int?
        ///  ListWorkflows returns the NextToken parameter in the output. You can then pass the NextToken parameter in a subsequent command to continue listing additional workflows.
        public let nextToken: String?

        public init(maxResults: Int? = nil, nextToken: String? = nil) {
            self.maxResults = maxResults
            self.nextToken = nextToken
        }

        public func validate(name: String) throws {
            try self.validate(self.maxResults, name: "maxResults", parent: name, max: 1000)
            try self.validate(self.maxResults, name: "maxResults", parent: name, min: 1)
            try self.validate(self.nextToken, name: "nextToken", parent: name, max: 6144)
            try self.validate(self.nextToken, name: "nextToken", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case maxResults = "MaxResults"
            case nextToken = "NextToken"
        }
    }

    public struct ListWorkflowsResponse: AWSDecodableShape {
        ///  ListWorkflows returns the NextToken parameter in the output. You can then pass the NextToken parameter in a subsequent command to continue listing additional workflows.
        public let nextToken: String?
        /// Returns the Arn, WorkflowId, and Description for each workflow.
        public let workflows: [ListedWorkflow]

        public init(nextToken: String? = nil, workflows: [ListedWorkflow]) {
            self.nextToken = nextToken
            self.workflows = workflows
        }

        private enum CodingKeys: String, CodingKey {
            case nextToken = "NextToken"
            case workflows = "Workflows"
        }
    }

    public struct ListedAccess: AWSDecodableShape {
        /// A unique identifier that is required to identify specific groups within your directory. The users of the group that you associate have access to your Amazon S3 or Amazon EFS resources over the enabled protocols using Transfer Family. If you know the group name, you can view the SID values by running the following command using Windows PowerShell.  Get-ADGroup -Filter {samAccountName -like "YourGroupName*"} -Properties * | Select SamAccountName,ObjectSid  In that command, replace YourGroupName with the name of your Active Directory group. The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. You can also include underscores or any of the following characters: =,.@:/-
        public let externalId: String?
        /// The landing directory (folder) for a user when they log in to the server using the client. A HomeDirectory example is /bucket_name/home/mydirectory.
        public let homeDirectory: String?
        /// The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer  protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for  how you want to make Amazon S3 or Amazon EFS paths visible to your users.
        public let homeDirectoryType: HomeDirectoryType?
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3  bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users  when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust  relationship that allows the server to access your resources when servicing your users' transfer requests.
        public let role: String?

        public init(externalId: String? = nil, homeDirectory: String? = nil, homeDirectoryType: HomeDirectoryType? = nil, role: String? = nil) {
            self.externalId = externalId
            self.homeDirectory = homeDirectory
            self.homeDirectoryType = homeDirectoryType
            self.role = role
        }

        private enum CodingKeys: String, CodingKey {
            case externalId = "ExternalId"
            case homeDirectory = "HomeDirectory"
            case homeDirectoryType = "HomeDirectoryType"
            case role = "Role"
        }
    }

    public struct ListedAgreement: AWSDecodableShape {
        /// A unique identifier for the agreement. This identifier is returned when you create an agreement.
        public let agreementId: String?
        /// The Amazon Resource Name (ARN) of the specified agreement.
        public let arn: String?
        /// The current description for the agreement. You can change it by calling the UpdateAgreement operation and providing a new description.
        public let description: String?
        /// A unique identifier for the AS2 local profile.
        public let localProfileId: String?
        /// A unique identifier for the partner profile.
        public let partnerProfileId: String?
        /// The unique identifier for the agreement.
        public let serverId: String?
        /// The agreement can be either ACTIVE or INACTIVE.
        public let status: AgreementStatusType?

        public init(agreementId: String? = nil, arn: String? = nil, description: String? = nil, localProfileId: String? = nil, partnerProfileId: String? = nil, serverId: String? = nil, status: AgreementStatusType? = nil) {
            self.agreementId = agreementId
            self.arn = arn
            self.description = description
            self.localProfileId = localProfileId
            self.partnerProfileId = partnerProfileId
            self.serverId = serverId
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case agreementId = "AgreementId"
            case arn = "Arn"
            case description = "Description"
            case localProfileId = "LocalProfileId"
            case partnerProfileId = "PartnerProfileId"
            case serverId = "ServerId"
            case status = "Status"
        }
    }

    public struct ListedCertificate: AWSDecodableShape {
        /// An optional date that specifies when the certificate becomes active.
        public let activeDate: Date?
        /// The Amazon Resource Name (ARN) of the specified certificate.
        public let arn: String?
        /// An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.
        public let certificateId: String?
        /// The name or short description that's used to identify the certificate.
        public let description: String?
        /// An optional date that specifies when the certificate becomes inactive.
        public let inactiveDate: Date?
        /// The certificate can be either ACTIVE, PENDING_ROTATION, or INACTIVE. PENDING_ROTATION means that this certificate will replace the current certificate when it expires.
        public let status: CertificateStatusType?
        /// The type for the certificate. If a private key has been specified for the certificate, its type is CERTIFICATE_WITH_PRIVATE_KEY. If there is no private key, the type is CERTIFICATE.
        public let type: CertificateType?
        /// Specifies whether this certificate is used for signing or encryption.
        public let usage: CertificateUsageType?

        public init(activeDate: Date? = nil, arn: String? = nil, certificateId: String? = nil, description: String? = nil, inactiveDate: Date? = nil, status: CertificateStatusType? = nil, type: CertificateType? = nil, usage: CertificateUsageType? = nil) {
            self.activeDate = activeDate
            self.arn = arn
            self.certificateId = certificateId
            self.description = description
            self.inactiveDate = inactiveDate
            self.status = status
            self.type = type
            self.usage = usage
        }

        private enum CodingKeys: String, CodingKey {
            case activeDate = "ActiveDate"
            case arn = "Arn"
            case certificateId = "CertificateId"
            case description = "Description"
            case inactiveDate = "InactiveDate"
            case status = "Status"
            case type = "Type"
            case usage = "Usage"
        }
    }

    public struct ListedConnector: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the specified connector.
        public let arn: String?
        /// The unique identifier for the connector.
        public let connectorId: String?
        /// The URL of the partner's AS2 endpoint.
        public let url: String?

        public init(arn: String? = nil, connectorId: String? = nil, url: String? = nil) {
            self.arn = arn
            self.connectorId = connectorId
            self.url = url
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case connectorId = "ConnectorId"
            case url = "Url"
        }
    }

    public struct ListedExecution: AWSDecodableShape {
        /// A unique identifier for the execution of a workflow.
        public let executionId: String?
        /// A structure that describes the Amazon S3 or EFS file location. This is the file location when the execution begins: if the file is being copied, this is the initial (as opposed to destination) file location.
        public let initialFileLocation: FileLocation?
        /// A container object for the session details that are associated with a workflow.
        public let serviceMetadata: ServiceMetadata?
        /// The status is one of the execution. Can be in progress, completed, exception encountered, or handling the exception.
        public let status: ExecutionStatus?

        public init(executionId: String? = nil, initialFileLocation: FileLocation? = nil, serviceMetadata: ServiceMetadata? = nil, status: ExecutionStatus? = nil) {
            self.executionId = executionId
            self.initialFileLocation = initialFileLocation
            self.serviceMetadata = serviceMetadata
            self.status = status
        }

        private enum CodingKeys: String, CodingKey {
            case executionId = "ExecutionId"
            case initialFileLocation = "InitialFileLocation"
            case serviceMetadata = "ServiceMetadata"
            case status = "Status"
        }
    }

    public struct ListedHostKey: AWSDecodableShape {
        /// The unique Amazon Resource Name (ARN) of the host key.
        public let arn: String
        /// The date on which the host key was added to the server.
        public let dateImported: Date?
        /// The current description for the host key. You can change it by calling the UpdateHostKey operation and providing a new description.
        public let description: String?
        /// The public key fingerprint, which is a short sequence of bytes used to identify the longer public key.
        public let fingerprint: String?
        /// A unique identifier for the host key.
        public let hostKeyId: String?
        /// The encryption algorithm that is used for the host key. The Type parameter is specified by using one of the following values:    ssh-rsa     ssh-ed25519     ecdsa-sha2-nistp256     ecdsa-sha2-nistp384     ecdsa-sha2-nistp521
        public let type: String?

        public init(arn: String, dateImported: Date? = nil, description: String? = nil, fingerprint: String? = nil, hostKeyId: String? = nil, type: String? = nil) {
            self.arn = arn
            self.dateImported = dateImported
            self.description = description
            self.fingerprint = fingerprint
            self.hostKeyId = hostKeyId
            self.type = type
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case dateImported = "DateImported"
            case description = "Description"
            case fingerprint = "Fingerprint"
            case hostKeyId = "HostKeyId"
            case type = "Type"
        }
    }

    public struct ListedProfile: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the specified profile.
        public let arn: String?
        /// The As2Id is the AS2-name, as defined in the  RFC 4130. For inbound transfers, this is the AS2-From header for the AS2 messages sent from the partner. For outbound connectors, this is the AS2-To header for the AS2 messages sent to the partner using the StartFileTransfer API operation. This ID cannot include spaces.
        public let as2Id: String?
        /// A unique identifier for the local or partner AS2 profile.
        public let profileId: String?
        /// Indicates whether to list only LOCAL type profiles or only PARTNER type profiles.  If not supplied in the request, the command lists all types of profiles.
        public let profileType: ProfileType?

        public init(arn: String? = nil, as2Id: String? = nil, profileId: String? = nil, profileType: ProfileType? = nil) {
            self.arn = arn
            self.as2Id = as2Id
            self.profileId = profileId
            self.profileType = profileType
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case as2Id = "As2Id"
            case profileId = "ProfileId"
            case profileType = "ProfileType"
        }
    }

    public struct ListedServer: AWSDecodableShape {
        /// Specifies the unique Amazon Resource Name (ARN) for a server to be listed.
        public let arn: String
        /// Specifies the domain of the storage system that is used for file transfers.
        public let domain: Domain?
        /// Specifies the type of VPC endpoint that your server is connected to. If your server is connected to a VPC endpoint, your server isn't accessible over the public internet.
        public let endpointType: EndpointType?
        /// The mode of authentication for a server. The default value is SERVICE_MANAGED, which allows you to store and access user credentials within the Transfer Family service. Use AWS_DIRECTORY_SERVICE to provide access to Active Directory groups in Directory Service for Microsoft Active Directory or Microsoft Active Directory in your on-premises environment or in Amazon Web Services using AD Connector. This option also requires you to provide a Directory ID by using the IdentityProviderDetails parameter. Use the API_GATEWAY value to integrate with an identity provider of your choosing. The API_GATEWAY setting requires you to provide an Amazon API Gateway endpoint URL to call for authentication by using the IdentityProviderDetails parameter. Use the AWS_LAMBDA value to directly use an Lambda function as your identity provider.  If you choose this value, you must specify the ARN for the Lambda function in the Function parameter  or the IdentityProviderDetails data type.
        public let identityProviderType: IdentityProviderType?
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in your CloudWatch logs.
        public let loggingRole: String?
        /// Specifies the unique system assigned identifier for the servers that were listed.
        public let serverId: String?
        /// The condition of the server that was described. A value of ONLINE indicates that the server can accept jobs and transfer files. A State value of OFFLINE means that the server cannot perform file transfer operations. The states of STARTING and STOPPING indicate that the server is in an intermediate state, either not fully able to respond, or not fully offline. The values of START_FAILED or STOP_FAILED can indicate an error condition.
        public let state: State?
        /// Specifies the number of users that are assigned to a server you specified with the ServerId.
        public let userCount: Int?

        public init(arn: String, domain: Domain? = nil, endpointType: EndpointType? = nil, identityProviderType: IdentityProviderType? = nil, loggingRole: String? = nil, serverId: String? = nil, state: State? = nil, userCount: Int? = nil) {
            self.arn = arn
            self.domain = domain
            self.endpointType = endpointType
            self.identityProviderType = identityProviderType
            self.loggingRole = loggingRole
            self.serverId = serverId
            self.state = state
            self.userCount = userCount
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case domain = "Domain"
            case endpointType = "EndpointType"
            case identityProviderType = "IdentityProviderType"
            case loggingRole = "LoggingRole"
            case serverId = "ServerId"
            case state = "State"
            case userCount = "UserCount"
        }
    }

    public struct ListedUser: AWSDecodableShape {
        /// Provides the unique Amazon Resource Name (ARN) for the user that you want to learn about.
        public let arn: String
        /// The landing directory (folder) for a user when they log in to the server using the client. A HomeDirectory example is /bucket_name/home/mydirectory.
        public let homeDirectory: String?
        /// The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer  protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for  how you want to make Amazon S3 or Amazon EFS paths visible to your users.
        public let homeDirectoryType: HomeDirectoryType?
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3  bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users  when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust  relationship that allows the server to access your resources when servicing your users' transfer requests.  The IAM role that controls your users' access to your Amazon S3 bucket for servers with Domain=S3, or your EFS file system for servers with Domain=EFS.   The policies attached to this role determine the level of access you want to provide your users when  transferring files into and out of your S3 buckets or EFS file systems.
        public let role: String?
        /// Specifies the number of SSH public keys stored for the user you specified.
        public let sshPublicKeyCount: Int?
        /// Specifies the name of the user whose ARN was specified. User names are used for authentication purposes.
        public let userName: String?

        public init(arn: String, homeDirectory: String? = nil, homeDirectoryType: HomeDirectoryType? = nil, role: String? = nil, sshPublicKeyCount: Int? = nil, userName: String? = nil) {
            self.arn = arn
            self.homeDirectory = homeDirectory
            self.homeDirectoryType = homeDirectoryType
            self.role = role
            self.sshPublicKeyCount = sshPublicKeyCount
            self.userName = userName
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case homeDirectory = "HomeDirectory"
            case homeDirectoryType = "HomeDirectoryType"
            case role = "Role"
            case sshPublicKeyCount = "SshPublicKeyCount"
            case userName = "UserName"
        }
    }

    public struct ListedWorkflow: AWSDecodableShape {
        /// Specifies the unique Amazon Resource Name (ARN) for the workflow.
        public let arn: String?
        /// Specifies the text description for the workflow.
        public let description: String?
        /// A unique identifier for the workflow.
        public let workflowId: String?

        public init(arn: String? = nil, description: String? = nil, workflowId: String? = nil) {
            self.arn = arn
            self.description = description
            self.workflowId = workflowId
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case description = "Description"
            case workflowId = "WorkflowId"
        }
    }

    public struct LoggingConfiguration: AWSDecodableShape {
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in your CloudWatch logs.
        public let loggingRole: String?
        /// The name of the CloudWatch logging group for the Transfer Family server to which this workflow belongs.
        public let logGroupName: String?

        public init(loggingRole: String? = nil, logGroupName: String? = nil) {
            self.loggingRole = loggingRole
            self.logGroupName = logGroupName
        }

        private enum CodingKeys: String, CodingKey {
            case loggingRole = "LoggingRole"
            case logGroupName = "LogGroupName"
        }
    }

    public struct PosixProfile: AWSEncodableShape & AWSDecodableShape {
        /// The POSIX group ID used for all EFS operations by this user.
        public let gid: Int64
        /// The secondary POSIX group IDs used for all EFS operations by this user.
        public let secondaryGids: [Int64]?
        /// The POSIX user ID used for all EFS operations by this user.
        public let uid: Int64

        public init(gid: Int64, secondaryGids: [Int64]? = nil, uid: Int64) {
            self.gid = gid
            self.secondaryGids = secondaryGids
            self.uid = uid
        }

        public func validate(name: String) throws {
            try self.validate(self.gid, name: "gid", parent: name, max: 4_294_967_295)
            try self.validate(self.gid, name: "gid", parent: name, min: 0)
            try self.secondaryGids?.forEach {
                try validate($0, name: "secondaryGids[]", parent: name, max: 4_294_967_295)
                try validate($0, name: "secondaryGids[]", parent: name, min: 0)
            }
            try self.validate(self.secondaryGids, name: "secondaryGids", parent: name, max: 16)
            try self.validate(self.uid, name: "uid", parent: name, max: 4_294_967_295)
            try self.validate(self.uid, name: "uid", parent: name, min: 0)
        }

        private enum CodingKeys: String, CodingKey {
            case gid = "Gid"
            case secondaryGids = "SecondaryGids"
            case uid = "Uid"
        }
    }

    public struct ProtocolDetails: AWSEncodableShape & AWSDecodableShape {
        /// Indicates the transport method for the AS2 messages. Currently, only HTTP is supported.
        public let as2Transports: [As2Transport]?
        ///  Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer. For example:   aws transfer update-server --protocol-details PassiveIp=0.0.0.0  Replace 0.0.0.0 in the example above with the actual IP address you want to use.   If you change the PassiveIp value, you must stop and then restart your Transfer Family server for the change to take effect. For details on using passive mode (PASV) in a NAT environment, see Configuring your FTPS server behind a firewall or NAT with Transfer Family.    Special values  The AUTO and 0.0.0.0 are special values for the PassiveIp parameter. The value PassiveIp=AUTO is assigned by default to FTP and FTPS type servers. In this case, the server automatically responds with one of the endpoint IPs within the PASV response. PassiveIp=0.0.0.0 has a more unique application for its usage. For example, if you have a High Availability (HA) Network Load Balancer (NLB) environment, where you have 3 subnets, you can only specify a single IP address using the PassiveIp parameter. This reduces the effectiveness of having High Availability. In this case, you can specify PassiveIp=0.0.0.0. This tells the client to use the same IP address as the Control connection and utilize all AZs for their connections. Note, however, that not all FTP clients support the PassiveIp=0.0.0.0 response. FileZilla and WinSCP do support it. If you are using other clients, check to see if your client supports the PassiveIp=0.0.0.0 response.
        public let passiveIp: String?
        /// Use the SetStatOption to ignore the error that is generated when the client attempts to use SETSTAT on a file you are uploading to an S3 bucket. Some SFTP file transfer clients can attempt to change the attributes of remote files, including timestamp and permissions, using commands, such as SETSTAT when uploading the file. However, these commands are not compatible with object storage systems, such as Amazon S3. Due to this incompatibility, file uploads from these clients can result in errors even when  the file is otherwise successfully uploaded. Set the value to ENABLE_NO_OP to have the Transfer Family server ignore the SETSTAT command, and upload files without needing to make any changes to your SFTP client. While the SetStatOption ENABLE_NO_OP setting ignores the error, it does generate a log entry in Amazon CloudWatch Logs, so you can determine when the client is making a SETSTAT call.  If you want to preserve the original timestamp for your file, and modify other file attributes using SETSTAT, you can use Amazon EFS as backend storage with Transfer Family.
        public let setStatOption: SetStatOption?
        /// A property used with Transfer Family servers that use the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. TlsSessionResumptionMode determines whether or not the server resumes recent, negotiated sessions through a unique session ID. This property is available during CreateServer and UpdateServer calls. If a TlsSessionResumptionMode value is not specified during CreateServer, it is set to ENFORCED by default.    DISABLED: the server does not process TLS session resumption client requests and creates a new TLS session for each request.     ENABLED: the server processes and accepts clients that are performing TLS session resumption. The server doesn't reject client data connections that do not perform the TLS session resumption client processing.    ENFORCED: the server processes and accepts clients that are performing TLS session resumption. The server rejects client data connections that do not perform the TLS session resumption client processing. Before you set the value to ENFORCED, test your clients.  Not all FTPS clients perform TLS session resumption. So, if you choose to enforce TLS session resumption, you prevent any connections from FTPS clients that don't perform the protocol negotiation. To determine whether or not you can use the ENFORCED value, you need to test your clients.
        public let tlsSessionResumptionMode: TlsSessionResumptionMode?

        public init(as2Transports: [As2Transport]? = nil, passiveIp: String? = nil, setStatOption: SetStatOption? = nil, tlsSessionResumptionMode: TlsSessionResumptionMode? = nil) {
            self.as2Transports = as2Transports
            self.passiveIp = passiveIp
            self.setStatOption = setStatOption
            self.tlsSessionResumptionMode = tlsSessionResumptionMode
        }

        public func validate(name: String) throws {
            try self.validate(self.as2Transports, name: "as2Transports", parent: name, max: 1)
            try self.validate(self.as2Transports, name: "as2Transports", parent: name, min: 1)
            try self.validate(self.passiveIp, name: "passiveIp", parent: name, max: 15)
        }

        private enum CodingKeys: String, CodingKey {
            case as2Transports = "As2Transports"
            case passiveIp = "PassiveIp"
            case setStatOption = "SetStatOption"
            case tlsSessionResumptionMode = "TlsSessionResumptionMode"
        }
    }

    public struct S3FileLocation: AWSDecodableShape {
        /// Specifies the S3 bucket that contains the file being used.
        public let bucket: String?
        /// The entity tag is a hash of the object. The ETag reflects changes only to the contents of an object, not its metadata.
        public let etag: String?
        /// The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.
        public let key: String?
        /// Specifies the file version.
        public let versionId: String?

        public init(bucket: String? = nil, etag: String? = nil, key: String? = nil, versionId: String? = nil) {
            self.bucket = bucket
            self.etag = etag
            self.key = key
            self.versionId = versionId
        }

        private enum CodingKeys: String, CodingKey {
            case bucket = "Bucket"
            case etag = "Etag"
            case key = "Key"
            case versionId = "VersionId"
        }
    }

    public struct S3InputFileLocation: AWSEncodableShape & AWSDecodableShape {
        /// Specifies the S3 bucket for the customer input file.
        public let bucket: String?
        /// The name assigned to the file when it was created in Amazon S3. You use the object key to retrieve the object.
        public let key: String?

        public init(bucket: String? = nil, key: String? = nil) {
            self.bucket = bucket
            self.key = key
        }

        public func validate(name: String) throws {
            try self.validate(self.bucket, name: "bucket", parent: name, max: 63)
            try self.validate(self.bucket, name: "bucket", parent: name, min: 3)
            try self.validate(self.bucket, name: "bucket", parent: name, pattern: "^[a-z0-9][\\.\\-a-z0-9]{1,61}[a-z0-9]$")
            try self.validate(self.key, name: "key", parent: name, max: 1024)
            try self.validate(self.key, name: "key", parent: name, pattern: "^[\\P{M}\\p{M}]*$")
        }

        private enum CodingKeys: String, CodingKey {
            case bucket = "Bucket"
            case key = "Key"
        }
    }

    public struct S3Tag: AWSEncodableShape & AWSDecodableShape {
        /// The name assigned to the tag that you create.
        public let key: String
        /// The value that corresponds to the key.
        public let value: String

        public init(key: String, value: String) {
            self.key = key
            self.value = value
        }

        public func validate(name: String) throws {
            try self.validate(self.key, name: "key", parent: name, max: 128)
            try self.validate(self.key, name: "key", parent: name, min: 1)
            try self.validate(self.key, name: "key", parent: name, pattern: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$")
            try self.validate(self.value, name: "value", parent: name, max: 256)
            try self.validate(self.value, name: "value", parent: name, pattern: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$")
        }

        private enum CodingKeys: String, CodingKey {
            case key = "Key"
            case value = "Value"
        }
    }

    public struct SendWorkflowStepStateRequest: AWSEncodableShape {
        /// A unique identifier for the execution of a workflow.
        public let executionId: String
        /// Indicates whether the specified step succeeded or failed.
        public let status: CustomStepStatus
        /// Used to distinguish between multiple callbacks for multiple Lambda steps within the same execution.
        public let token: String
        /// A unique identifier for the workflow.
        public let workflowId: String

        public init(executionId: String, status: CustomStepStatus, token: String, workflowId: String) {
            self.executionId = executionId
            self.status = status
            self.token = token
            self.workflowId = workflowId
        }

        public func validate(name: String) throws {
            try self.validate(self.executionId, name: "executionId", parent: name, max: 36)
            try self.validate(self.executionId, name: "executionId", parent: name, min: 36)
            try self.validate(self.executionId, name: "executionId", parent: name, pattern: "^[0-9a-fA-F]{8}\\-[0-9a-fA-F]{4}\\-[0-9a-fA-F]{4}\\-[0-9a-fA-F]{4}\\-[0-9a-fA-F]{12}$")
            try self.validate(self.token, name: "token", parent: name, max: 64)
            try self.validate(self.token, name: "token", parent: name, min: 1)
            try self.validate(self.token, name: "token", parent: name, pattern: "^\\w+$")
            try self.validate(self.workflowId, name: "workflowId", parent: name, max: 19)
            try self.validate(self.workflowId, name: "workflowId", parent: name, min: 19)
            try self.validate(self.workflowId, name: "workflowId", parent: name, pattern: "^w-([a-z0-9]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case executionId = "ExecutionId"
            case status = "Status"
            case token = "Token"
            case workflowId = "WorkflowId"
        }
    }

    public struct SendWorkflowStepStateResponse: AWSDecodableShape {
        public init() {}
    }

    public struct ServiceMetadata: AWSDecodableShape {
        /// The Server ID (ServerId), Session ID (SessionId) and user (UserName) make up the UserDetails.
        public let userDetails: UserDetails

        public init(userDetails: UserDetails) {
            self.userDetails = userDetails
        }

        private enum CodingKeys: String, CodingKey {
            case userDetails = "UserDetails"
        }
    }

    public struct SshPublicKey: AWSDecodableShape {
        /// Specifies the date that the public key was added to the user account.
        public let dateImported: Date
        /// Specifies the content of the SSH public key as specified by the PublicKeyId. Transfer Family accepts RSA, ECDSA, and ED25519 keys.
        public let sshPublicKeyBody: String
        /// Specifies the SshPublicKeyId parameter contains the identifier of the public key.
        public let sshPublicKeyId: String

        public init(dateImported: Date, sshPublicKeyBody: String, sshPublicKeyId: String) {
            self.dateImported = dateImported
            self.sshPublicKeyBody = sshPublicKeyBody
            self.sshPublicKeyId = sshPublicKeyId
        }

        private enum CodingKeys: String, CodingKey {
            case dateImported = "DateImported"
            case sshPublicKeyBody = "SshPublicKeyBody"
            case sshPublicKeyId = "SshPublicKeyId"
        }
    }

    public struct StartFileTransferRequest: AWSEncodableShape {
        /// The unique identifier for the connector.
        public let connectorId: String
        /// An array of strings. Each string represents the absolute path for one outbound file transfer. For example,  DOC-EXAMPLE-BUCKET/myfile.txt .
        public let sendFilePaths: [String]

        public init(connectorId: String, sendFilePaths: [String]) {
            self.connectorId = connectorId
            self.sendFilePaths = sendFilePaths
        }

        public func validate(name: String) throws {
            try self.validate(self.connectorId, name: "connectorId", parent: name, max: 19)
            try self.validate(self.connectorId, name: "connectorId", parent: name, min: 19)
            try self.validate(self.connectorId, name: "connectorId", parent: name, pattern: "^c-([0-9a-f]{17})$")
            try self.sendFilePaths.forEach {
                try validate($0, name: "sendFilePaths[]", parent: name, max: 1024)
                try validate($0, name: "sendFilePaths[]", parent: name, min: 1)
                try validate($0, name: "sendFilePaths[]", parent: name, pattern: "^(.)+$")
            }
            try self.validate(self.sendFilePaths, name: "sendFilePaths", parent: name, max: 10)
            try self.validate(self.sendFilePaths, name: "sendFilePaths", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case connectorId = "ConnectorId"
            case sendFilePaths = "SendFilePaths"
        }
    }

    public struct StartFileTransferResponse: AWSDecodableShape {
        /// Returns the unique identifier for this file transfer.
        public let transferId: String

        public init(transferId: String) {
            self.transferId = transferId
        }

        private enum CodingKeys: String, CodingKey {
            case transferId = "TransferId"
        }
    }

    public struct StartServerRequest: AWSEncodableShape {
        /// A system-assigned unique identifier for a server that you start.
        public let serverId: String

        public init(serverId: String) {
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
        }
    }

    public struct StopServerRequest: AWSEncodableShape {
        /// A system-assigned unique identifier for a server that you stopped.
        public let serverId: String

        public init(serverId: String) {
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
        }
    }

    public struct Tag: AWSEncodableShape & AWSDecodableShape {
        /// The name assigned to the tag that you create.
        public let key: String
        /// Contains one or more values that you assigned to the key name you create.
        public let value: String

        public init(key: String, value: String) {
            self.key = key
            self.value = value
        }

        public func validate(name: String) throws {
            try self.validate(self.key, name: "key", parent: name, max: 128)
            try self.validate(self.value, name: "value", parent: name, max: 256)
        }

        private enum CodingKeys: String, CodingKey {
            case key = "Key"
            case value = "Value"
        }
    }

    public struct TagResourceRequest: AWSEncodableShape {
        /// An Amazon Resource Name (ARN) for a specific Amazon Web Services resource, such as a server, user, or role.
        public let arn: String
        /// Key-value pairs assigned to ARNs that you can use to group and search for resources by type. You can attach this metadata to user accounts for any purpose.
        public let tags: [Tag]

        public init(arn: String, tags: [Tag]) {
            self.arn = arn
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.validate(self.arn, name: "arn", parent: name, max: 1600)
            try self.validate(self.arn, name: "arn", parent: name, min: 20)
            try self.validate(self.arn, name: "arn", parent: name, pattern: "^arn:")
            try self.tags.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 50)
            try self.validate(self.tags, name: "tags", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case tags = "Tags"
        }
    }

    public struct TagStepDetails: AWSEncodableShape & AWSDecodableShape {
        /// The name of the step, used as an identifier.
        public let name: String?
        /// Specifies which file to use as input to the workflow step: either the output from the previous step, or the originally uploaded file for the workflow.   Enter ${previous.file} to use the previous file as the input. In this case, this workflow step uses the output file from the previous workflow step as input. This is the default value.   Enter ${original.file} to use the originally-uploaded file location as input for this step.
        public let sourceFileLocation: String?
        /// Array that contains from 1 to 10 key/value pairs.
        public let tags: [S3Tag]?

        public init(name: String? = nil, sourceFileLocation: String? = nil, tags: [S3Tag]? = nil) {
            self.name = name
            self.sourceFileLocation = sourceFileLocation
            self.tags = tags
        }

        public func validate(name: String) throws {
            try self.validate(self.name, name: "name", parent: name, max: 30)
            try self.validate(self.name, name: "name", parent: name, pattern: "^[\\w-]*$")
            try self.validate(self.sourceFileLocation, name: "sourceFileLocation", parent: name, max: 256)
            try self.validate(self.sourceFileLocation, name: "sourceFileLocation", parent: name, pattern: "^\\$\\{(\\w+.)+\\w+\\}$")
            try self.tags?.forEach {
                try $0.validate(name: "\(name).tags[]")
            }
            try self.validate(self.tags, name: "tags", parent: name, max: 10)
            try self.validate(self.tags, name: "tags", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case name = "Name"
            case sourceFileLocation = "SourceFileLocation"
            case tags = "Tags"
        }
    }

    public struct TestIdentityProviderRequest: AWSEncodableShape {
        /// A system-assigned identifier for a specific server. That server's user authentication method is tested with a user name and password.
        public let serverId: String
        /// The type of file transfer protocol to be tested. The available protocols are:   Secure Shell (SSH) File Transfer Protocol (SFTP)   File Transfer Protocol Secure (FTPS)   File Transfer Protocol (FTP)
        public let serverProtocol: `Protocol`?
        /// The source IP address of the user account to be tested.
        public let sourceIp: String?
        /// The name of the user account to be tested.
        public let userName: String
        /// The password of the user account to be tested.
        public let userPassword: String?

        public init(serverId: String, serverProtocol: `Protocol`? = nil, sourceIp: String? = nil, userName: String, userPassword: String? = nil) {
            self.serverId = serverId
            self.serverProtocol = serverProtocol
            self.sourceIp = sourceIp
            self.userName = userName
            self.userPassword = userPassword
        }

        public func validate(name: String) throws {
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
            try self.validate(self.sourceIp, name: "sourceIp", parent: name, max: 32)
            try self.validate(self.sourceIp, name: "sourceIp", parent: name, pattern: "^\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}$")
            try self.validate(self.userName, name: "userName", parent: name, max: 100)
            try self.validate(self.userName, name: "userName", parent: name, min: 3)
            try self.validate(self.userName, name: "userName", parent: name, pattern: "^[\\w][\\w@.-]{2,99}$")
            try self.validate(self.userPassword, name: "userPassword", parent: name, max: 1024)
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
            case serverProtocol = "ServerProtocol"
            case sourceIp = "SourceIp"
            case userName = "UserName"
            case userPassword = "UserPassword"
        }
    }

    public struct TestIdentityProviderResponse: AWSDecodableShape {
        /// A message that indicates whether the test was successful or not.  If an empty string is returned, the most likely cause is that the authentication failed due to an incorrect username or password.
        public let message: String?
        /// The response that is returned from your API Gateway.
        public let response: String?
        /// The HTTP status code that is the response from your API Gateway.
        public let statusCode: Int
        /// The endpoint of the service used to authenticate a user.
        public let url: String

        public init(message: String? = nil, response: String? = nil, statusCode: Int, url: String) {
            self.message = message
            self.response = response
            self.statusCode = statusCode
            self.url = url
        }

        private enum CodingKeys: String, CodingKey {
            case message = "Message"
            case response = "Response"
            case statusCode = "StatusCode"
            case url = "Url"
        }
    }

    public struct UntagResourceRequest: AWSEncodableShape {
        /// The value of the resource that will have the tag removed. An Amazon Resource Name (ARN) is an identifier for a specific Amazon Web Services resource, such as a server, user, or role.
        public let arn: String
        /// TagKeys are key-value pairs assigned to ARNs that can be used to group and search for resources by type. This metadata can be attached to resources for any purpose.
        public let tagKeys: [String]

        public init(arn: String, tagKeys: [String]) {
            self.arn = arn
            self.tagKeys = tagKeys
        }

        public func validate(name: String) throws {
            try self.validate(self.arn, name: "arn", parent: name, max: 1600)
            try self.validate(self.arn, name: "arn", parent: name, min: 20)
            try self.validate(self.arn, name: "arn", parent: name, pattern: "^arn:")
            try self.tagKeys.forEach {
                try validate($0, name: "tagKeys[]", parent: name, max: 128)
            }
            try self.validate(self.tagKeys, name: "tagKeys", parent: name, max: 50)
            try self.validate(self.tagKeys, name: "tagKeys", parent: name, min: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case arn = "Arn"
            case tagKeys = "TagKeys"
        }
    }

    public struct UpdateAccessRequest: AWSEncodableShape {
        /// A unique identifier that is required to identify specific groups within your directory. The users of the group that you associate have access to your Amazon S3 or Amazon EFS resources over the enabled protocols using Transfer Family. If you know the group name, you can view the SID values by running the following command using Windows PowerShell.  Get-ADGroup -Filter {samAccountName -like "YourGroupName*"} -Properties * | Select SamAccountName,ObjectSid  In that command, replace YourGroupName with the name of your Active Directory group. The regular expression used to validate this parameter is a string of characters consisting of uppercase and lowercase alphanumeric characters with no spaces. You can also include underscores or any of the following characters: =,.@:/-
        public let externalId: String
        /// The landing directory (folder) for a user when they log in to the server using the client. A HomeDirectory example is /bucket_name/home/mydirectory.
        public let homeDirectory: String?
        /// Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the Entry and Target pair, where Entry shows how the path is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM)  role provides access to paths in Target. This value can be set only when HomeDirectoryType is set to LOGICAL. The following is an Entry and Target pair example.  [ { "Entry": "/directory1", "Target": "/bucket_name/home/mydirectory" } ]  In most cases, you can use this value instead of the session policy to lock down your user to the designated home directory ("chroot"). To do this, you can set Entry to / and set Target to the HomeDirectory parameter value. The following is an Entry and Target pair example for chroot.  [ { "Entry": "/", "Target": "/bucket_name/home/mydirectory" } ]
        public let homeDirectoryMappings: [HomeDirectoryMapEntry]?
        /// The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer  protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for  how you want to make Amazon S3 or Amazon EFS paths visible to your users.
        public let homeDirectoryType: HomeDirectoryType?
        /// A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.  This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies. For session policies, Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the Policy argument. For an example of a session policy, see Example session policy. For more information, see AssumeRole in the Amazon Web ServicesSecurity Token Service API Reference.
        public let policy: String?
        public let posixProfile: PosixProfile?
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3  bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users  when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust  relationship that allows the server to access your resources when servicing your users' transfer requests.
        public let role: String?
        /// A system-assigned unique identifier for a server instance. This is the specific server that you added your user to.
        public let serverId: String

        public init(externalId: String, homeDirectory: String? = nil, homeDirectoryMappings: [HomeDirectoryMapEntry]? = nil, homeDirectoryType: HomeDirectoryType? = nil, policy: String? = nil, posixProfile: PosixProfile? = nil, role: String? = nil, serverId: String) {
            self.externalId = externalId
            self.homeDirectory = homeDirectory
            self.homeDirectoryMappings = homeDirectoryMappings
            self.homeDirectoryType = homeDirectoryType
            self.policy = policy
            self.posixProfile = posixProfile
            self.role = role
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.externalId, name: "externalId", parent: name, max: 256)
            try self.validate(self.externalId, name: "externalId", parent: name, min: 1)
            try self.validate(self.externalId, name: "externalId", parent: name, pattern: "^S-1-[\\d-]+$")
            try self.validate(self.homeDirectory, name: "homeDirectory", parent: name, max: 1024)
            try self.validate(self.homeDirectory, name: "homeDirectory", parent: name, pattern: "^$|/")
            try self.homeDirectoryMappings?.forEach {
                try $0.validate(name: "\(name).homeDirectoryMappings[]")
            }
            try self.validate(self.homeDirectoryMappings, name: "homeDirectoryMappings", parent: name, max: 50)
            try self.validate(self.homeDirectoryMappings, name: "homeDirectoryMappings", parent: name, min: 1)
            try self.validate(self.policy, name: "policy", parent: name, max: 2048)
            try self.posixProfile?.validate(name: "\(name).posixProfile")
            try self.validate(self.role, name: "role", parent: name, max: 2048)
            try self.validate(self.role, name: "role", parent: name, min: 20)
            try self.validate(self.role, name: "role", parent: name, pattern: "^arn:.*role/")
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case externalId = "ExternalId"
            case homeDirectory = "HomeDirectory"
            case homeDirectoryMappings = "HomeDirectoryMappings"
            case homeDirectoryType = "HomeDirectoryType"
            case policy = "Policy"
            case posixProfile = "PosixProfile"
            case role = "Role"
            case serverId = "ServerId"
        }
    }

    public struct UpdateAccessResponse: AWSDecodableShape {
        /// The external identifier of the group whose users have access to your Amazon S3 or Amazon EFS resources over the enabled protocols using Amazon Web ServicesTransfer Family.
        public let externalId: String
        /// The identifier of the server that the user is attached to.
        public let serverId: String

        public init(externalId: String, serverId: String) {
            self.externalId = externalId
            self.serverId = serverId
        }

        private enum CodingKeys: String, CodingKey {
            case externalId = "ExternalId"
            case serverId = "ServerId"
        }
    }

    public struct UpdateAgreementRequest: AWSEncodableShape {
        /// With AS2, you can send files by calling StartFileTransfer and specifying the file paths in the request parameter, SendFilePaths. We use the file’s parent directory (for example, for --send-file-paths /bucket/dir/file.txt, parent directory is /bucket/dir/) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the AccessRole needs to provide read and write access to the parent directory of the file location used in the StartFileTransfer request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with StartFileTransfer.
        public let accessRole: String?
        /// A unique identifier for the agreement. This identifier is returned when you create an agreement.
        public let agreementId: String
        /// To change the landing directory (folder) for files that are transferred, provide the bucket folder that you want to use; for example, /DOC-EXAMPLE-BUCKET/home/mydirectory .
        public let baseDirectory: String?
        /// To replace the existing description, provide a short description for the agreement.
        public let description: String?
        /// A unique identifier for the AS2 local profile. To change the local profile identifier, provide a new value here.
        public let localProfileId: String?
        /// A unique identifier for the partner profile. To change the partner profile identifier, provide a new value here.
        public let partnerProfileId: String?
        /// A system-assigned unique identifier for a server instance. This is the specific server that the agreement uses.
        public let serverId: String
        /// You can update the status for the agreement, either activating an inactive agreement or the reverse.
        public let status: AgreementStatusType?

        public init(accessRole: String? = nil, agreementId: String, baseDirectory: String? = nil, description: String? = nil, localProfileId: String? = nil, partnerProfileId: String? = nil, serverId: String, status: AgreementStatusType? = nil) {
            self.accessRole = accessRole
            self.agreementId = agreementId
            self.baseDirectory = baseDirectory
            self.description = description
            self.localProfileId = localProfileId
            self.partnerProfileId = partnerProfileId
            self.serverId = serverId
            self.status = status
        }

        public func validate(name: String) throws {
            try self.validate(self.accessRole, name: "accessRole", parent: name, max: 2048)
            try self.validate(self.accessRole, name: "accessRole", parent: name, min: 20)
            try self.validate(self.accessRole, name: "accessRole", parent: name, pattern: "^arn:.*role/")
            try self.validate(self.agreementId, name: "agreementId", parent: name, max: 19)
            try self.validate(self.agreementId, name: "agreementId", parent: name, min: 19)
            try self.validate(self.agreementId, name: "agreementId", parent: name, pattern: "^a-([0-9a-f]{17})$")
            try self.validate(self.baseDirectory, name: "baseDirectory", parent: name, max: 1024)
            try self.validate(self.baseDirectory, name: "baseDirectory", parent: name, pattern: "^$|/")
            try self.validate(self.description, name: "description", parent: name, max: 200)
            try self.validate(self.description, name: "description", parent: name, min: 1)
            try self.validate(self.description, name: "description", parent: name, pattern: "^[\\p{Graph}]+$")
            try self.validate(self.localProfileId, name: "localProfileId", parent: name, max: 19)
            try self.validate(self.localProfileId, name: "localProfileId", parent: name, min: 19)
            try self.validate(self.localProfileId, name: "localProfileId", parent: name, pattern: "^p-([0-9a-f]{17})$")
            try self.validate(self.partnerProfileId, name: "partnerProfileId", parent: name, max: 19)
            try self.validate(self.partnerProfileId, name: "partnerProfileId", parent: name, min: 19)
            try self.validate(self.partnerProfileId, name: "partnerProfileId", parent: name, pattern: "^p-([0-9a-f]{17})$")
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case accessRole = "AccessRole"
            case agreementId = "AgreementId"
            case baseDirectory = "BaseDirectory"
            case description = "Description"
            case localProfileId = "LocalProfileId"
            case partnerProfileId = "PartnerProfileId"
            case serverId = "ServerId"
            case status = "Status"
        }
    }

    public struct UpdateAgreementResponse: AWSDecodableShape {
        /// A unique identifier for the agreement. This identifier is returned when you create an agreement.
        public let agreementId: String

        public init(agreementId: String) {
            self.agreementId = agreementId
        }

        private enum CodingKeys: String, CodingKey {
            case agreementId = "AgreementId"
        }
    }

    public struct UpdateCertificateRequest: AWSEncodableShape {
        /// An optional date that specifies when the certificate becomes active.
        public let activeDate: Date?
        /// The identifier of the certificate object that you are updating.
        public let certificateId: String
        /// A short description to help identify the certificate.
        public let description: String?
        /// An optional date that specifies when the certificate becomes inactive.
        public let inactiveDate: Date?

        public init(activeDate: Date? = nil, certificateId: String, description: String? = nil, inactiveDate: Date? = nil) {
            self.activeDate = activeDate
            self.certificateId = certificateId
            self.description = description
            self.inactiveDate = inactiveDate
        }

        public func validate(name: String) throws {
            try self.validate(self.certificateId, name: "certificateId", parent: name, max: 22)
            try self.validate(self.certificateId, name: "certificateId", parent: name, min: 22)
            try self.validate(self.certificateId, name: "certificateId", parent: name, pattern: "^cert-([0-9a-f]{17})$")
            try self.validate(self.description, name: "description", parent: name, max: 200)
            try self.validate(self.description, name: "description", parent: name, min: 1)
            try self.validate(self.description, name: "description", parent: name, pattern: "^[\\p{Graph}]+$")
        }

        private enum CodingKeys: String, CodingKey {
            case activeDate = "ActiveDate"
            case certificateId = "CertificateId"
            case description = "Description"
            case inactiveDate = "InactiveDate"
        }
    }

    public struct UpdateCertificateResponse: AWSDecodableShape {
        /// Returns the identifier of the certificate object that you are updating.
        public let certificateId: String

        public init(certificateId: String) {
            self.certificateId = certificateId
        }

        private enum CodingKeys: String, CodingKey {
            case certificateId = "CertificateId"
        }
    }

    public struct UpdateConnectorRequest: AWSEncodableShape {
        /// With AS2, you can send files by calling StartFileTransfer and specifying the file paths in the request parameter, SendFilePaths. We use the file’s parent directory (for example, for --send-file-paths /bucket/dir/file.txt, parent directory is /bucket/dir/) to temporarily store a processed AS2 message file, store the MDN when we receive them from the partner, and write a final JSON file containing relevant metadata of the transmission. So, the AccessRole needs to provide read and write access to the parent directory of the file location used in the StartFileTransfer request. Additionally, you need to provide read and write access to the parent directory of the files that you intend to send with StartFileTransfer.
        public let accessRole: String?
        /// A structure that contains the parameters for a connector object.
        public let as2Config: As2ConnectorConfig?
        /// The unique identifier for the connector.
        public let connectorId: String
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a connector to turn on CloudWatch logging for Amazon S3 events. When set, you can view connector activity in your CloudWatch logs.
        public let loggingRole: String?
        /// The URL of the partner's AS2 endpoint.
        public let url: String?

        public init(accessRole: String? = nil, as2Config: As2ConnectorConfig? = nil, connectorId: String, loggingRole: String? = nil, url: String? = nil) {
            self.accessRole = accessRole
            self.as2Config = as2Config
            self.connectorId = connectorId
            self.loggingRole = loggingRole
            self.url = url
        }

        public func validate(name: String) throws {
            try self.validate(self.accessRole, name: "accessRole", parent: name, max: 2048)
            try self.validate(self.accessRole, name: "accessRole", parent: name, min: 20)
            try self.validate(self.accessRole, name: "accessRole", parent: name, pattern: "^arn:.*role/")
            try self.as2Config?.validate(name: "\(name).as2Config")
            try self.validate(self.connectorId, name: "connectorId", parent: name, max: 19)
            try self.validate(self.connectorId, name: "connectorId", parent: name, min: 19)
            try self.validate(self.connectorId, name: "connectorId", parent: name, pattern: "^c-([0-9a-f]{17})$")
            try self.validate(self.loggingRole, name: "loggingRole", parent: name, max: 2048)
            try self.validate(self.loggingRole, name: "loggingRole", parent: name, min: 20)
            try self.validate(self.loggingRole, name: "loggingRole", parent: name, pattern: "^arn:.*role/")
            try self.validate(self.url, name: "url", parent: name, max: 255)
        }

        private enum CodingKeys: String, CodingKey {
            case accessRole = "AccessRole"
            case as2Config = "As2Config"
            case connectorId = "ConnectorId"
            case loggingRole = "LoggingRole"
            case url = "Url"
        }
    }

    public struct UpdateConnectorResponse: AWSDecodableShape {
        /// Returns the identifier of the connector object that you are updating.
        public let connectorId: String

        public init(connectorId: String) {
            self.connectorId = connectorId
        }

        private enum CodingKeys: String, CodingKey {
            case connectorId = "ConnectorId"
        }
    }

    public struct UpdateHostKeyRequest: AWSEncodableShape {
        /// An updated description for the host key.
        public let description: String
        /// The identifier of the host key that you are updating.
        public let hostKeyId: String
        /// The identifier of the server that contains the host key that you are updating.
        public let serverId: String

        public init(description: String, hostKeyId: String, serverId: String) {
            self.description = description
            self.hostKeyId = hostKeyId
            self.serverId = serverId
        }

        public func validate(name: String) throws {
            try self.validate(self.description, name: "description", parent: name, max: 200)
            try self.validate(self.description, name: "description", parent: name, pattern: "^[\\p{Print}]*$")
            try self.validate(self.hostKeyId, name: "hostKeyId", parent: name, max: 25)
            try self.validate(self.hostKeyId, name: "hostKeyId", parent: name, min: 25)
            try self.validate(self.hostKeyId, name: "hostKeyId", parent: name, pattern: "^hostkey-[0-9a-f]{17}$")
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case description = "Description"
            case hostKeyId = "HostKeyId"
            case serverId = "ServerId"
        }
    }

    public struct UpdateHostKeyResponse: AWSDecodableShape {
        /// Returns the host key identifier for the updated host key.
        public let hostKeyId: String
        /// Returns the server identifier for the server that contains the updated host key.
        public let serverId: String

        public init(hostKeyId: String, serverId: String) {
            self.hostKeyId = hostKeyId
            self.serverId = serverId
        }

        private enum CodingKeys: String, CodingKey {
            case hostKeyId = "HostKeyId"
            case serverId = "ServerId"
        }
    }

    public struct UpdateProfileRequest: AWSEncodableShape {
        /// An array of identifiers for the imported certificates. You use this identifier for working with profiles and partner profiles.
        public let certificateIds: [String]?
        /// The identifier of the profile object that you are updating.
        public let profileId: String

        public init(certificateIds: [String]? = nil, profileId: String) {
            self.certificateIds = certificateIds
            self.profileId = profileId
        }

        public func validate(name: String) throws {
            try self.certificateIds?.forEach {
                try validate($0, name: "certificateIds[]", parent: name, max: 22)
                try validate($0, name: "certificateIds[]", parent: name, min: 22)
                try validate($0, name: "certificateIds[]", parent: name, pattern: "^cert-([0-9a-f]{17})$")
            }
            try self.validate(self.profileId, name: "profileId", parent: name, max: 19)
            try self.validate(self.profileId, name: "profileId", parent: name, min: 19)
            try self.validate(self.profileId, name: "profileId", parent: name, pattern: "^p-([0-9a-f]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case certificateIds = "CertificateIds"
            case profileId = "ProfileId"
        }
    }

    public struct UpdateProfileResponse: AWSDecodableShape {
        /// Returns the identifier for the profile that's being updated.
        public let profileId: String

        public init(profileId: String) {
            self.profileId = profileId
        }

        private enum CodingKeys: String, CodingKey {
            case profileId = "ProfileId"
        }
    }

    public struct UpdateServerRequest: AWSEncodableShape {
        /// The Amazon Resource Name (ARN) of the Amazon Web ServicesCertificate Manager (ACM) certificate. Required when Protocols is set to FTPS. To request a new public certificate, see Request a public certificate in the  Amazon Web ServicesCertificate Manager User Guide. To import an existing certificate into ACM, see Importing certificates into ACM in the  Amazon Web ServicesCertificate Manager User Guide. To request a private certificate to use FTPS through private IP addresses, see Request a private certificate in the  Amazon Web ServicesCertificate Manager User Guide. Certificates with the following cryptographic algorithms and key sizes are supported:   2048-bit RSA (RSA_2048)   4096-bit RSA (RSA_4096)   Elliptic Prime Curve 256 bit (EC_prime256v1)   Elliptic Prime Curve 384 bit (EC_secp384r1)   Elliptic Prime Curve 521 bit (EC_secp521r1)    The certificate must be a valid SSL/TLS X.509 version 3 certificate with FQDN or IP address specified and information about the issuer.
        public let certificate: String?
        /// The virtual private cloud (VPC) endpoint settings that are configured for your server. When you host your endpoint within your VPC, you can make your endpoint accessible only to resources within your VPC, or you can attach Elastic IP addresses and make your endpoint accessible to clients over the internet. Your VPC's default security groups are automatically assigned to your endpoint.
        public let endpointDetails: EndpointDetails?
        /// The type of endpoint that you want your server to use. You can choose to make your server's endpoint publicly accessible (PUBLIC) or host it inside your VPC. With an endpoint that is hosted in a VPC, you can restrict access to your server and  resources only within your VPC or choose to make it internet facing by attaching Elastic IP addresses directly to it.  After May 19, 2021, you won't be able to create a server using EndpointType=VPC_ENDPOINT in your Amazon Web Servicesaccount if your account hasn't already done so before May 19, 2021. If you have already created servers with EndpointType=VPC_ENDPOINT in your Amazon Web Servicesaccount on or before May 19, 2021, you will not be affected. After this date, use EndpointType=VPC. For more information, see https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint. It is recommended that you use VPC as the EndpointType. With this endpoint type, you have the option to directly associate up to three Elastic IPv4 addresses (BYO IP included) with your server's endpoint and use VPC security groups to restrict traffic by the client's public IP address. This is not possible with EndpointType set to VPC_ENDPOINT.
        public let endpointType: EndpointType?
        /// The RSA, ECDSA, or ED25519 private key to use for your SFTP-enabled server. You can add multiple host keys, in case you want to rotate keys, or have a set of active keys that use different algorithms. Use the following command to generate an RSA 2048 bit key with no passphrase:  ssh-keygen -t rsa -b 2048 -N "" -m PEM -f my-new-server-key. Use a minimum value of 2048 for the -b option. You can create a stronger key by using 3072 or 4096. Use the following command to generate an ECDSA 256 bit key with no passphrase:  ssh-keygen -t ecdsa -b 256 -N "" -m PEM -f my-new-server-key. Valid values for the -b option for ECDSA are 256, 384, and 521. Use the following command to generate an ED25519 key with no passphrase:  ssh-keygen -t ed25519 -N "" -f my-new-server-key. For all of these commands, you can replace my-new-server-key with a string of your choice.  If you aren't planning to migrate existing users from an existing SFTP-enabled server to a new server, don't update the host key. Accidentally changing a server's host key can be disruptive.  For more information, see Update host keys for your SFTP-enabled server in the Transfer Family User Guide.
        public let hostKey: String?
        /// An array containing all of the information required to call a customer's authentication API method.
        public let identityProviderDetails: IdentityProviderDetails?
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that allows a server to turn on Amazon CloudWatch logging for Amazon S3 or Amazon EFSevents. When set, you can view user activity in your CloudWatch logs.
        public let loggingRole: String?
        /// Specifies a string to display when users connect to a server. This string is displayed after the user authenticates.  The SFTP protocol does not support post-authentication display banners.
        public let postAuthenticationLoginBanner: String?
        /// Specifies a string to display when users connect to a server. This string is displayed before the user authenticates. For example, the following banner displays details about using the system:  This system is for the use of authorized users only. Individuals using this computer system without authority, or in excess of their authority, are subject to having all of their activities on this system monitored and recorded by system personnel.
        public let preAuthenticationLoginBanner: String?
        /// The protocol settings that are configured for your server.    To indicate passive mode (for FTP and FTPS protocols), use the PassiveIp parameter. Enter a single dotted-quad IPv4 address, such as the external IP address of a firewall, router, or load balancer.    To ignore the error that is generated when the client attempts to use the SETSTAT command on a file that you are  uploading to an Amazon S3 bucket, use the SetStatOption parameter. To have the Transfer Family server ignore the  SETSTAT command and upload files without needing to make any changes to your SFTP client, set the value to  ENABLE_NO_OP. If you set the SetStatOption parameter to ENABLE_NO_OP, Transfer Family  generates a log entry to Amazon CloudWatch Logs, so that you can determine when the client is making a SETSTAT  call.   To determine whether your Transfer Family server resumes recent, negotiated sessions through a unique session ID, use the  TlsSessionResumptionMode parameter.    As2Transports indicates the transport method for the AS2 messages. Currently, only HTTP is supported.
        public let protocolDetails: ProtocolDetails?
        /// Specifies the file transfer protocol or protocols over which your file transfer protocol client can connect to your server's endpoint. The available protocols are:    SFTP (Secure Shell (SSH) File Transfer Protocol): File transfer over SSH    FTPS (File Transfer Protocol Secure): File transfer with TLS encryption    FTP (File Transfer Protocol): Unencrypted file transfer    AS2 (Applicability Statement 2): used for transporting structured business-to-business data      If you select FTPS, you must choose a certificate stored in Certificate Manager (ACM)  which is used to identify your server when clients connect to it over FTPS.   If Protocol includes either FTP or FTPS, then the EndpointType must be VPC and the IdentityProviderType must be AWS_DIRECTORY_SERVICE or API_GATEWAY.   If Protocol includes FTP, then AddressAllocationIds cannot be associated.   If Protocol is set only to SFTP, the EndpointType can be set to PUBLIC and the IdentityProviderType can be set to SERVICE_MANAGED.   If Protocol includes AS2, then the EndpointType must be VPC, and domain must be Amazon S3.
        public let protocols: [`Protocol`]?
        /// Specifies the name of the security policy that is attached to the server.
        public let securityPolicyName: String?
        /// A system-assigned unique identifier for a server instance that the user account is assigned to.
        public let serverId: String
        /// Specifies the workflow ID for the workflow to assign and the execution role that's used for executing the workflow. In additon to a workflow to execute when a file is uploaded completely, WorkflowDeatails can also contain a workflow ID (and execution role) for a workflow to execute on partial upload. A partial upload occurs when a file is open when the session disconnects. To remove an associated workflow from a server, you can provide an empty OnUpload object, as in the following example.  aws transfer update-server --server-id s-01234567890abcdef --workflow-details '{"OnUpload":[]}'
        public let workflowDetails: WorkflowDetails?

        public init(certificate: String? = nil, endpointDetails: EndpointDetails? = nil, endpointType: EndpointType? = nil, hostKey: String? = nil, identityProviderDetails: IdentityProviderDetails? = nil, loggingRole: String? = nil, postAuthenticationLoginBanner: String? = nil, preAuthenticationLoginBanner: String? = nil, protocolDetails: ProtocolDetails? = nil, protocols: [`Protocol`]? = nil, securityPolicyName: String? = nil, serverId: String, workflowDetails: WorkflowDetails? = nil) {
            self.certificate = certificate
            self.endpointDetails = endpointDetails
            self.endpointType = endpointType
            self.hostKey = hostKey
            self.identityProviderDetails = identityProviderDetails
            self.loggingRole = loggingRole
            self.postAuthenticationLoginBanner = postAuthenticationLoginBanner
            self.preAuthenticationLoginBanner = preAuthenticationLoginBanner
            self.protocolDetails = protocolDetails
            self.protocols = protocols
            self.securityPolicyName = securityPolicyName
            self.serverId = serverId
            self.workflowDetails = workflowDetails
        }

        public func validate(name: String) throws {
            try self.validate(self.certificate, name: "certificate", parent: name, max: 1600)
            try self.endpointDetails?.validate(name: "\(name).endpointDetails")
            try self.validate(self.hostKey, name: "hostKey", parent: name, max: 4096)
            try self.identityProviderDetails?.validate(name: "\(name).identityProviderDetails")
            try self.validate(self.loggingRole, name: "loggingRole", parent: name, max: 2048)
            try self.validate(self.loggingRole, name: "loggingRole", parent: name, pattern: "^$|arn:.*role/")
            try self.validate(self.postAuthenticationLoginBanner, name: "postAuthenticationLoginBanner", parent: name, max: 512)
            try self.validate(self.postAuthenticationLoginBanner, name: "postAuthenticationLoginBanner", parent: name, pattern: "^[\\x09-\\x0D\\x20-\\x7E]*$")
            try self.validate(self.preAuthenticationLoginBanner, name: "preAuthenticationLoginBanner", parent: name, max: 512)
            try self.validate(self.preAuthenticationLoginBanner, name: "preAuthenticationLoginBanner", parent: name, pattern: "^[\\x09-\\x0D\\x20-\\x7E]*$")
            try self.protocolDetails?.validate(name: "\(name).protocolDetails")
            try self.validate(self.protocols, name: "protocols", parent: name, max: 4)
            try self.validate(self.protocols, name: "protocols", parent: name, min: 1)
            try self.validate(self.securityPolicyName, name: "securityPolicyName", parent: name, max: 100)
            try self.validate(self.securityPolicyName, name: "securityPolicyName", parent: name, pattern: "^TransferSecurityPolicy-.+$")
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
            try self.workflowDetails?.validate(name: "\(name).workflowDetails")
        }

        private enum CodingKeys: String, CodingKey {
            case certificate = "Certificate"
            case endpointDetails = "EndpointDetails"
            case endpointType = "EndpointType"
            case hostKey = "HostKey"
            case identityProviderDetails = "IdentityProviderDetails"
            case loggingRole = "LoggingRole"
            case postAuthenticationLoginBanner = "PostAuthenticationLoginBanner"
            case preAuthenticationLoginBanner = "PreAuthenticationLoginBanner"
            case protocolDetails = "ProtocolDetails"
            case protocols = "Protocols"
            case securityPolicyName = "SecurityPolicyName"
            case serverId = "ServerId"
            case workflowDetails = "WorkflowDetails"
        }
    }

    public struct UpdateServerResponse: AWSDecodableShape {
        /// A system-assigned unique identifier for a server that the user account is assigned to.
        public let serverId: String

        public init(serverId: String) {
            self.serverId = serverId
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
        }
    }

    public struct UpdateUserRequest: AWSEncodableShape {
        /// The landing directory (folder) for a user when they log in to the server using the client. A HomeDirectory example is /bucket_name/home/mydirectory.
        public let homeDirectory: String?
        /// Logical directory mappings that specify what Amazon S3 or Amazon EFS paths and keys should be visible to your user and how you want to make them visible. You must specify the Entry and Target pair, where Entry shows how the path is made visible and Target is the actual Amazon S3 or Amazon EFS path. If you only specify a target, it is displayed as is. You also must ensure that your Identity and Access Management (IAM)  role provides access to paths in Target. This value can be set only when HomeDirectoryType is set to LOGICAL. The following is an Entry and Target pair example.  [ { "Entry": "/directory1", "Target": "/bucket_name/home/mydirectory" } ]  In most cases, you can use this value instead of the session policy to lock down your user to the designated home directory ("chroot"). To do this, you can set Entry to '/' and set Target to the HomeDirectory parameter value. The following is an Entry and Target pair example for chroot.  [ { "Entry": "/", "Target": "/bucket_name/home/mydirectory" } ]
        public let homeDirectoryMappings: [HomeDirectoryMapEntry]?
        /// The type of landing directory (folder) that you want your users' home directory to be when they log in to the server. If you set it to PATH, the user will see the absolute Amazon S3 bucket or EFS paths as is in their file transfer  protocol clients. If you set it LOGICAL, you need to provide mappings in the HomeDirectoryMappings for  how you want to make Amazon S3 or Amazon EFS paths visible to your users.
        public let homeDirectoryType: HomeDirectoryType?
        /// A session policy for your user so that you can use the same Identity and Access Management (IAM) role across multiple users. This policy scopes down a user's access to portions of their Amazon S3 bucket. Variables that you can use inside this policy include ${Transfer:UserName}, ${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}.  This policy applies only when the domain of ServerId is Amazon S3. Amazon EFS does not use session policies. For session policies, Transfer Family stores the policy as a JSON blob, instead of the Amazon Resource Name (ARN) of the policy. You save the policy as a JSON blob and pass it in the Policy argument. For an example of a session policy, see Creating a session policy. For more information, see AssumeRole in the Amazon Web Services Security Token Service API Reference.
        public let policy: String?
        /// Specifies the full POSIX identity, including user ID (Uid), group ID (Gid), and any secondary groups IDs (SecondaryGids), that controls your users' access to your Amazon Elastic File Systems (Amazon EFS). The POSIX permissions that are set on files and directories in your file system determines the level of access your users get when transferring files into and out of your Amazon EFS file systems.
        public let posixProfile: PosixProfile?
        /// The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) role that controls your users' access to your Amazon S3  bucket or Amazon EFS file system. The policies attached to this role determine the level of access that you want to provide your users  when transferring files into and out of your Amazon S3 bucket or Amazon EFS file system. The IAM role should also contain a trust  relationship that allows the server to access your resources when servicing your users' transfer requests.
        public let role: String?
        /// A system-assigned unique identifier for a server instance that the user account is assigned to.
        public let serverId: String
        /// A unique string that identifies a user and is associated with a server as specified by the ServerId. This user name must be a minimum of 3 and a maximum of 100 characters long. The following are valid characters: a-z, A-Z, 0-9, underscore '_', hyphen '-', period '.', and at sign '@'. The user name can't start with a hyphen, period, or at sign.
        public let userName: String

        public init(homeDirectory: String? = nil, homeDirectoryMappings: [HomeDirectoryMapEntry]? = nil, homeDirectoryType: HomeDirectoryType? = nil, policy: String? = nil, posixProfile: PosixProfile? = nil, role: String? = nil, serverId: String, userName: String) {
            self.homeDirectory = homeDirectory
            self.homeDirectoryMappings = homeDirectoryMappings
            self.homeDirectoryType = homeDirectoryType
            self.policy = policy
            self.posixProfile = posixProfile
            self.role = role
            self.serverId = serverId
            self.userName = userName
        }

        public func validate(name: String) throws {
            try self.validate(self.homeDirectory, name: "homeDirectory", parent: name, max: 1024)
            try self.validate(self.homeDirectory, name: "homeDirectory", parent: name, pattern: "^$|/")
            try self.homeDirectoryMappings?.forEach {
                try $0.validate(name: "\(name).homeDirectoryMappings[]")
            }
            try self.validate(self.homeDirectoryMappings, name: "homeDirectoryMappings", parent: name, max: 50)
            try self.validate(self.homeDirectoryMappings, name: "homeDirectoryMappings", parent: name, min: 1)
            try self.validate(self.policy, name: "policy", parent: name, max: 2048)
            try self.posixProfile?.validate(name: "\(name).posixProfile")
            try self.validate(self.role, name: "role", parent: name, max: 2048)
            try self.validate(self.role, name: "role", parent: name, min: 20)
            try self.validate(self.role, name: "role", parent: name, pattern: "^arn:.*role/")
            try self.validate(self.serverId, name: "serverId", parent: name, max: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, min: 19)
            try self.validate(self.serverId, name: "serverId", parent: name, pattern: "^s-([0-9a-f]{17})$")
            try self.validate(self.userName, name: "userName", parent: name, max: 100)
            try self.validate(self.userName, name: "userName", parent: name, min: 3)
            try self.validate(self.userName, name: "userName", parent: name, pattern: "^[\\w][\\w@.-]{2,99}$")
        }

        private enum CodingKeys: String, CodingKey {
            case homeDirectory = "HomeDirectory"
            case homeDirectoryMappings = "HomeDirectoryMappings"
            case homeDirectoryType = "HomeDirectoryType"
            case policy = "Policy"
            case posixProfile = "PosixProfile"
            case role = "Role"
            case serverId = "ServerId"
            case userName = "UserName"
        }
    }

    public struct UpdateUserResponse: AWSDecodableShape {
        /// A system-assigned unique identifier for a server instance that the user account is assigned to.
        public let serverId: String
        /// The unique identifier for a user that is assigned to a server instance that was specified in the request.
        public let userName: String

        public init(serverId: String, userName: String) {
            self.serverId = serverId
            self.userName = userName
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
            case userName = "UserName"
        }
    }

    public struct UserDetails: AWSDecodableShape {
        /// The system-assigned unique identifier for a Transfer server instance.
        public let serverId: String
        /// The system-assigned unique identifier for a session that corresponds to the workflow.
        public let sessionId: String?
        /// A unique string that identifies a user account associated with a server.
        public let userName: String

        public init(serverId: String, sessionId: String? = nil, userName: String) {
            self.serverId = serverId
            self.sessionId = sessionId
            self.userName = userName
        }

        private enum CodingKeys: String, CodingKey {
            case serverId = "ServerId"
            case sessionId = "SessionId"
            case userName = "UserName"
        }
    }

    public struct WorkflowDetail: AWSEncodableShape & AWSDecodableShape {
        /// Includes the necessary permissions for S3, EFS, and Lambda operations that Transfer can assume, so that all workflow steps can operate on the required resources
        public let executionRole: String
        /// A unique identifier for the workflow.
        public let workflowId: String

        public init(executionRole: String, workflowId: String) {
            self.executionRole = executionRole
            self.workflowId = workflowId
        }

        public func validate(name: String) throws {
            try self.validate(self.executionRole, name: "executionRole", parent: name, max: 2048)
            try self.validate(self.executionRole, name: "executionRole", parent: name, min: 20)
            try self.validate(self.executionRole, name: "executionRole", parent: name, pattern: "^arn:.*role/")
            try self.validate(self.workflowId, name: "workflowId", parent: name, max: 19)
            try self.validate(self.workflowId, name: "workflowId", parent: name, min: 19)
            try self.validate(self.workflowId, name: "workflowId", parent: name, pattern: "^w-([a-z0-9]{17})$")
        }

        private enum CodingKeys: String, CodingKey {
            case executionRole = "ExecutionRole"
            case workflowId = "WorkflowId"
        }
    }

    public struct WorkflowDetails: AWSEncodableShape & AWSDecodableShape {
        /// A trigger that starts a workflow if a file is only partially uploaded. You can attach a workflow to a server that executes whenever there is a partial upload. A partial upload occurs when a file is open when the session disconnects.
        public let onPartialUpload: [WorkflowDetail]?
        /// A trigger that starts a workflow: the workflow begins to execute after a file is uploaded. To remove an associated workflow from a server, you can provide an empty OnUpload object, as in the following example.  aws transfer update-server --server-id s-01234567890abcdef --workflow-details '{"OnUpload":[]}'
        public let onUpload: [WorkflowDetail]?

        public init(onPartialUpload: [WorkflowDetail]? = nil, onUpload: [WorkflowDetail]? = nil) {
            self.onPartialUpload = onPartialUpload
            self.onUpload = onUpload
        }

        public func validate(name: String) throws {
            try self.onPartialUpload?.forEach {
                try $0.validate(name: "\(name).onPartialUpload[]")
            }
            try self.validate(self.onPartialUpload, name: "onPartialUpload", parent: name, max: 1)
            try self.onUpload?.forEach {
                try $0.validate(name: "\(name).onUpload[]")
            }
            try self.validate(self.onUpload, name: "onUpload", parent: name, max: 1)
        }

        private enum CodingKeys: String, CodingKey {
            case onPartialUpload = "OnPartialUpload"
            case onUpload = "OnUpload"
        }
    }

    public struct WorkflowStep: AWSEncodableShape & AWSDecodableShape {
        /// Details for a step that performs a file copy.  Consists of the following values:    A description   An S3 location for the destination of the file copy.   A flag that indicates whether or not to overwrite an existing file of the same name. The default is FALSE.
        public let copyStepDetails: CopyStepDetails?
        /// Details for a step that invokes a lambda function.  Consists of the lambda function name, target, and timeout (in seconds).
        public let customStepDetails: CustomStepDetails?
        public let decryptStepDetails: DecryptStepDetails?
        /// Details for a step that deletes the file.
        public let deleteStepDetails: DeleteStepDetails?
        /// Details for a step that creates one or more tags. You specify one or more tags: each tag contains a key/value pair.
        public let tagStepDetails: TagStepDetails?
        ///  Currently, the following step types are supported.     COPY: Copy the file to another location.    CUSTOM: Perform a custom step with an Lambda function target.    DELETE: Delete the file.    TAG: Add a tag to the file.
        public let type: WorkflowStepType?

        public init(copyStepDetails: CopyStepDetails? = nil, customStepDetails: CustomStepDetails? = nil, decryptStepDetails: DecryptStepDetails? = nil, deleteStepDetails: DeleteStepDetails? = nil, tagStepDetails: TagStepDetails? = nil, type: WorkflowStepType? = nil) {
            self.copyStepDetails = copyStepDetails
            self.customStepDetails = customStepDetails
            self.decryptStepDetails = decryptStepDetails
            self.deleteStepDetails = deleteStepDetails
            self.tagStepDetails = tagStepDetails
            self.type = type
        }

        public func validate(name: String) throws {
            try self.copyStepDetails?.validate(name: "\(name).copyStepDetails")
            try self.customStepDetails?.validate(name: "\(name).customStepDetails")
            try self.decryptStepDetails?.validate(name: "\(name).decryptStepDetails")
            try self.deleteStepDetails?.validate(name: "\(name).deleteStepDetails")
            try self.tagStepDetails?.validate(name: "\(name).tagStepDetails")
        }

        private enum CodingKeys: String, CodingKey {
            case copyStepDetails = "CopyStepDetails"
            case customStepDetails = "CustomStepDetails"
            case decryptStepDetails = "DecryptStepDetails"
            case deleteStepDetails = "DeleteStepDetails"
            case tagStepDetails = "TagStepDetails"
            case type = "Type"
        }
    }
}

// MARK: - Errors

/// Error enum for Transfer
public struct TransferErrorType: AWSErrorType {
    enum Code: String {
        case accessDeniedException = "AccessDeniedException"
        case conflictException = "ConflictException"
        case internalServiceError = "InternalServiceError"
        case invalidNextTokenException = "InvalidNextTokenException"
        case invalidRequestException = "InvalidRequestException"
        case resourceExistsException = "ResourceExistsException"
        case resourceNotFoundException = "ResourceNotFoundException"
        case serviceUnavailableException = "ServiceUnavailableException"
        case throttlingException = "ThrottlingException"
    }

    private let error: Code
    public let context: AWSErrorContext?

    /// initialize Transfer
    public init?(errorCode: String, context: AWSErrorContext) {
        guard let error = Code(rawValue: errorCode) else { return nil }
        self.error = error
        self.context = context
    }

    internal init(_ error: Code) {
        self.error = error
        self.context = nil
    }

    /// return error code string
    public var errorCode: String { self.error.rawValue }

    /// You do not have sufficient access to perform this action.
    public static var accessDeniedException: Self { .init(.accessDeniedException) }
    /// This exception is thrown when the UpdateServer is called for a file transfer protocol-enabled server that has VPC as the endpoint type and the server&#39;s VpcEndpointID is not in the available state.
    public static var conflictException: Self { .init(.conflictException) }
    /// This exception is thrown when an error occurs in the Amazon Web ServicesTransfer Family service.
    public static var internalServiceError: Self { .init(.internalServiceError) }
    /// The NextToken parameter that was passed is invalid.
    public static var invalidNextTokenException: Self { .init(.invalidNextTokenException) }
    /// This exception is thrown when the client submits a malformed request.
    public static var invalidRequestException: Self { .init(.invalidRequestException) }
    /// The requested resource does not exist.
    public static var resourceExistsException: Self { .init(.resourceExistsException) }
    /// This exception is thrown when a resource is not found by the Amazon Web ServicesTransfer Family service.
    public static var resourceNotFoundException: Self { .init(.resourceNotFoundException) }
    /// The request has failed because the Amazon Web ServicesTransfer Family service is not available.
    public static var serviceUnavailableException: Self { .init(.serviceUnavailableException) }
    /// The request was denied due to request throttling.
    public static var throttlingException: Self { .init(.throttlingException) }
}

extension TransferErrorType: Equatable {
    public static func == (lhs: TransferErrorType, rhs: TransferErrorType) -> Bool {
        lhs.error == rhs.error
    }
}

extension TransferErrorType: CustomStringConvertible {
    public var description: String {
        return "\(self.error.rawValue): \(self.message ?? "")"
    }
}
